From 4a15e51e12f17422c59cafeabdcf96c5383fc4e5 Mon Sep 17 00:00:00 2001
From: Justin Richer <jricher@mitre.org>
Date: Fri, 23 Mar 2012 10:52:04 -0400
Subject: [PATCH] pass through nonce

---
 .../mitre/openid/connect/token/ConnectAuthCodeTokenGranter.java | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectAuthCodeTokenGranter.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectAuthCodeTokenGranter.java
index a93f46544..1c283510f 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectAuthCodeTokenGranter.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectAuthCodeTokenGranter.java
@@ -170,6 +170,8 @@ public class ConnectAuthCodeTokenGranter implements TokenGranter {
 			idToken.getClaims().setIssuer(configBean.getIssuer());
 			// TODO: expiration? other fields?
 			
+			idToken.getClaims().setClaim("nonce", unconfirmedAuthorizationRequest.getParameters().get("nonce"));
+			
 			//Sign
 			
 			//TODO: check client to see if they have a preferred alg, attempt to use that