github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

proper null check for client's preferred signature method

pull/485/head
Justin Richer 2013-08-20 16:45:26 -04:00
parent 07bec462cc
commit ca777f7dc4
1 changed files with 3 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java
View File

@ -89,12 +89,9 @@ public class ConnectTokenEnhancer implements TokenEnhancer {
claims.setJWTID(UUID.randomUUID().toString()); // set a random NONCE in the middle of it
JWSAlgorithm signingAlg;
JWSAlgorithm clientAlg = client.getIdTokenSignedResponseAlg().getAlgorithm();
if (clientAlg != null) {
signingAlg = clientAlg;
} else {
signingAlg = jwtService.getDefaultSigningAlgorithm();
JWSAlgorithm signingAlg = jwtService.getDefaultSigningAlgorithm();
if (client.getIdTokenSignedResponseAlg() != null) {
signingAlg = client.getIdTokenSignedResponseAlg().getAlgorithm();
}
SignedJWT signed = new SignedJWT(new JWSHeader(signingAlg), claims);