github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

user info endpoint response uses correct client algorithms, addresses #921

pull/924/head
Justin Richer 2015-10-02 18:48:11 -04:00
parent 3c222b0d79
commit 4063f7f94f
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoJWTView.java
View File

@ -109,8 +109,8 @@ public class UserInfoJWTView extends UserInfoView {
claims.setJWTID(UUID.randomUUID().toString()); // set a random NONCE in the middle of it
if (client.getIdTokenEncryptedResponseAlg() != null && !client.getIdTokenEncryptedResponseAlg().equals(Algorithm.NONE)
&& client.getIdTokenEncryptedResponseEnc() != null && !client.getIdTokenEncryptedResponseEnc().equals(Algorithm.NONE)
if (client.getUserInfoEncryptedResponseAlg() != null && !client.getUserInfoEncryptedResponseAlg().equals(Algorithm.NONE)
&& client.getUserInfoEncryptedResponseEnc() != null && !client.getUserInfoEncryptedResponseEnc().equals(Algorithm.NONE)
&& (!Strings.isNullOrEmpty(client.getJwksUri()) || client.getJwks() != null)) {
// encrypt it to the client's key
@ -119,7 +119,7 @@ public class UserInfoJWTView extends UserInfoView {
if (encrypter != null) {
EncryptedJWT encrypted = new EncryptedJWT(new JWEHeader(client.getIdTokenEncryptedResponseAlg(), client.getIdTokenEncryptedResponseEnc()), claims);
EncryptedJWT encrypted = new EncryptedJWT(new JWEHeader(client.getUserInfoEncryptedResponseAlg(), client.getUserInfoEncryptedResponseEnc()), claims);
encrypter.encryptJwt(encrypted);