updated signing request object in OIDC client by pulling out construction of JWT to its own method.

openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCSignedRequestFilter.java

@@ -87,6 +87,22 @@ public class OIDCSignedRequestFilter extends AbstractOIDCAuthenticationFilter {
 		
 		if(StringUtils.isNotBlank(request.getParameter("token"))) {
 			
+			Jwt jwt = createAndSignRequestJwt(request, serverConfiguration);
+			
+			Map<String, String> urlVariables = new HashMap<String, String>();
+			
+			urlVariables.put("request", jwt.toString());
+			
+			String authRequest = AbstractOIDCAuthenticationFilter.buildURL(serverConfiguration.getAuthorizationEndpointURI(), urlVariables);
+
+			logger.debug("Auth Request:  " + authRequest);
+
+			response.sendRedirect(authRequest);
+		}
+
+	}
+	
+	public Jwt createAndSignRequestJwt(HttpServletRequest request, OIDCServerConfiguration serverConfiguration) {
 		Jwt jwt = new Jwt();
 		JwtHeader header = jwt.getHeader();
 		JwtClaims claims = jwt.getClaims();
@@ -121,17 +137,7 @@ public class OIDCSignedRequestFilter extends AbstractOIDCAuthenticationFilter {
 			throw new IllegalArgumentException(header.getAlgorithm() + " is not a valid signing algorithm.");
 		}
 		
-			Map<String, String> urlVariables = new HashMap<String, String>();
-			
-			urlVariables.put("request", jwt.toString());
-			
-			String authRequest = AbstractOIDCAuthenticationFilter.buildURL(serverConfiguration.getAuthorizationEndpointURI(), urlVariables);
-
-			logger.debug("Auth Request:  " + authRequest);
-
-			response.sendRedirect(authRequest);
-		}
-
+		return jwt;
 	}
 
 }