From 8e95734f226a2cee22aa64907a7e6ed5e935696f Mon Sep 17 00:00:00 2001
From: Mike Derryberry <derryberry@mitre.org>
Date: Wed, 8 Aug 2012 15:27:47 -0400
Subject: [PATCH] changed response-type to code rather than token

---
 .../mitre/openid/connect/client/OIDCSignedRequestFilter.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCSignedRequestFilter.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCSignedRequestFilter.java
index b5c3235e3..ea1a10e7e 100644
--- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCSignedRequestFilter.java
+++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCSignedRequestFilter.java
@@ -109,7 +109,7 @@ public class OIDCSignedRequestFilter extends AbstractOIDCAuthenticationFilter {
 //		header.setAlgorithm(JwsAlgorithm.getByName(SIGNING_ALGORITHM).toString());
 		
 		//set parameters to JwtClaims
-		claims.setClaim("response_type", "token");
+		claims.setClaim("response_type", "code");
 		claims.setClaim("client_id", serverConfiguration.getClientId());
 		claims.setClaim("scope", scope);
 		claims.setClaim("redirect_uri", AbstractOIDCAuthenticationFilter.buildRedirectURI(request, null));