github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

user info endpoint response uses correct client algorithms, addresses #921

Browse Source
pull/948/head
Justin Richer 9 years ago
parent d03bebe5bf
commit b09503aadb
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File

6
openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoJwtView.java
Unescape View File

@ -99,8 +99,8 @@ public class UserInfoJwtView extends UserInfoView {
claims.setJWTID(UUID.randomUUID().toString()); // set a random NONCE in the middle of it
if (client.getIdTokenEncryptedResponseAlg() != null && !client.getIdTokenEncryptedResponseAlg().equals(Algorithm.NONE)
&& client.getIdTokenEncryptedResponseEnc() != null && !client.getIdTokenEncryptedResponseEnc().equals(Algorithm.NONE)
if (client.getUserInfoEncryptedResponseAlg() != null && !client.getUserInfoEncryptedResponseAlg().equals(Algorithm.NONE)
&& client.getUserInfoEncryptedResponseEnc() != null && !client.getUserInfoEncryptedResponseEnc().equals(Algorithm.NONE)
&& !Strings.isNullOrEmpty(client.getJwksUri())) {
// encrypt it to the client's key
@ -109,7 +109,7 @@ public class UserInfoJwtView extends UserInfoView {
if (encrypter != null) {
EncryptedJWT encrypted = new EncryptedJWT(new JWEHeader(client.getIdTokenEncryptedResponseAlg(), client.getIdTokenEncryptedResponseEnc()), claims);
EncryptedJWT encrypted = new EncryptedJWT(new JWEHeader(client.getUserInfoEncryptedResponseAlg(), client.getUserInfoEncryptedResponseEnc()), claims);
encrypter.encryptJwt(encrypted);

Write Preview
Loading…
Cancel
Save