diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java index 19940c433..65a405b1e 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java @@ -57,7 +57,7 @@ public class ServerConfiguration { RECOMMENDED. URL of the OP's Dynamic Client Registration Endpoint [OpenID.Registration]. scopes_supported RECOMMENDED. JSON array containing a list of the OAuth 2.0 [RFC6749] scope values that this server - + response_types_supported REQUIRED. JSON array containing a list of the OAuth 2.0 response_type values that this server supports. The server MUST support the code, id_token, and the token id_token response type values. grant_types_supported diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultOIDCTokenService.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultOIDCTokenService.java index 5f6e80d75..7ee088d46 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultOIDCTokenService.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultOIDCTokenService.java @@ -100,9 +100,8 @@ public class DefaultOIDCTokenService implements OIDCTokenService { } // TODO: this ought to be getResponseType; issue #482 - String responseType = request.getRequestParameters().get("response_type"); + Set responseTypes = request.getResponseTypes(); - Set responseTypes = OAuth2Utils.parseParameterList(responseType); if (responseTypes.contains("token")) { // calculate the token hash Base64URL at_hash = IdTokenHashUtils.getAccessTokenHash(signingAlg, accessToken);