github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

added JTI to ID tokens, closes #900

pull/948/head
Justin Richer 9 years ago
parent
4bb28052a1
commit
89a728669a
2 changed files with 3 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      openid-connect-server/src/main/java/org/mitre/oauth2/token/JwtAssertionTokenGranter.java
  2. 1
      openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultOIDCTokenService.java

2
openid-connect-server/src/main/java/org/mitre/oauth2/token/JwtAssertionTokenGranter.java
Unescape View File

@ -21,6 +21,7 @@ package org.mitre.oauth2.token;
import java.text.ParseException;
import java.util.Date;
import java.util.UUID;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.oauth2.model.ClientDetailsEntity;
@ -122,6 +123,7 @@ public class JwtAssertionTokenGranter extends AbstractTokenGranter {
}
claims.setIssueTime(new Date());
claims.setJWTID(UUID.randomUUID().toString()); // set a random NONCE in the middle of it
SignedJWT newIdToken = new SignedJWT((JWSHeader) idToken.getHeader(), claims);

1
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultOIDCTokenService.java
Unescape View File

@ -123,6 +123,7 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
idClaims.setIssuer(configBean.getIssuer());
idClaims.setSubject(sub);
idClaims.setAudience(Lists.newArrayList(client.getClientId()));
idClaims.setJWTID(UUID.randomUUID().toString()); // set a random NONCE in the middle of it
String nonce = (String)request.getExtensions().get("nonce");
if (!Strings.isNullOrEmpty(nonce)) {

Write Preview
Loading…
Cancel
Save