Signing JWT based on the default keyId. Currently, it signs based on the first key which has the desired algorithm.

pull/1612/head
Dmytri Eck 2024-06-04 22:44:09 -04:00
parent d074573de0
commit 7fd5a4a2e3
1 changed files with 4 additions and 1 deletions


@ -425,7 +425,10 @@ public class OIDCAuthenticationFilter extends AbstractAuthenticationProcessingFi
null, null);
SignedJWT jwt = new SignedJWT(header, claimsSet.build());
signer.signJwt(jwt, alg);
if (signer.getDefaultSignerKeyId() != null)
signer.signJwt(jwt);
else
signer.signJwt(jwt, alg);
form.add("client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer");
form.add("client_assertion", jwt.serialize());
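Review bot: The new `if (signer.getDefaultSignerKeyId() != null)` branch signs with the default key without checking that this key can sign with `alg`, the algorithm the old call passed and, presumably, the one placed in the JWS header built above the hunk. If the default key is of a different type, signing can fail or produce a client assertion whose header and signature disagree, which the token endpoint would reject. The guard should also compare algorithms, e.g. `if (signer.getDefaultSignerKeyId() != null && alg.equals(signer.getDefaultSigningAlgorithm())) {`, assuming `signer` is a `JWTSigningAndValidationService`, which is not visible here. Braces on both branches would also stop a later added line from silently escaping the `else`. The enclosing method starts and ends outside the hunk.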