github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

proper null check for client's preferred signature method

pull/650/head
Justin Richer 2013-08-20 16:45:26 -04:00
parent 9df10d3871
commit 897e4cbfed
1 changed files with 3 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java
View File

@ -84,12 +84,9 @@ public class ConnectTokenEnhancer implements TokenEnhancer {
claims.setJWTID(UUID.randomUUID().toString()); // set a random NONCE in the middle of it claims.setJWTID(UUID.randomUUID().toString()); // set a random NONCE in the middle of it
JWSAlgorithm signingAlg; JWSAlgorithm signingAlg = jwtService.getDefaultSigningAlgorithm();
JWSAlgorithm clientAlg = client.getIdTokenSignedResponseAlg().getAlgorithm(); if (client.getIdTokenSignedResponseAlg() != null) {
if (clientAlg != null) { signingAlg = client.getIdTokenSignedResponseAlg().getAlgorithm();
signingAlg = clientAlg;
} else {
signingAlg = jwtService.getDefaultSigningAlgorithm();
} }
SignedJWT signed = new SignedJWT(new JWSHeader(signingAlg), claims); SignedJWT signed = new SignedJWT(new JWSHeader(signingAlg), claims);