github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

user info endpoint response uses correct client algorithms, addresses #921

pull/948/head
Justin Richer 2015-10-02 18:48:25 -04:00
parent d03bebe5bf
commit b09503aadb
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoJwtView.java
View File

@ -99,8 +99,8 @@ public class UserInfoJwtView extends UserInfoView {
claims.setJWTID(UUID.randomUUID().toString()); // set a random NONCE in the middle of it claims.setJWTID(UUID.randomUUID().toString()); // set a random NONCE in the middle of it
if (client.getIdTokenEncryptedResponseAlg() != null && !client.getIdTokenEncryptedResponseAlg().equals(Algorithm.NONE) if (client.getUserInfoEncryptedResponseAlg() != null && !client.getUserInfoEncryptedResponseAlg().equals(Algorithm.NONE)
&& client.getIdTokenEncryptedResponseEnc() != null && !client.getIdTokenEncryptedResponseEnc().equals(Algorithm.NONE) && client.getUserInfoEncryptedResponseEnc() != null && !client.getUserInfoEncryptedResponseEnc().equals(Algorithm.NONE)
&& !Strings.isNullOrEmpty(client.getJwksUri())) { && !Strings.isNullOrEmpty(client.getJwksUri())) {
// encrypt it to the client's key // encrypt it to the client's key
@ -109,7 +109,7 @@ public class UserInfoJwtView extends UserInfoView {
if (encrypter != null) { if (encrypter != null) {
EncryptedJWT encrypted = new EncryptedJWT(new JWEHeader(client.getIdTokenEncryptedResponseAlg(), client.getIdTokenEncryptedResponseEnc()), claims); EncryptedJWT encrypted = new EncryptedJWT(new JWEHeader(client.getUserInfoEncryptedResponseAlg(), client.getUserInfoEncryptedResponseEnc()), claims);
encrypter.encryptJwt(encrypted); encrypter.encryptJwt(encrypted);