diff --git a/perun-oidc-server/pom.xml b/perun-oidc-server/pom.xml
index 2af0470f9..4e261b25f 100644
--- a/perun-oidc-server/pom.xml
+++ b/perun-oidc-server/pom.xml
@@ -119,6 +119,14 @@
javax.annotation
javax.annotation-api
+
+ jakarta.xml.bind
+ jakarta.xml.bind-api
+
+
+ org.glassfish.jaxb
+ jaxb-runtime
+
org.glassfish
javax.servlet
@@ -135,6 +143,10 @@
ch.qos.logback
logback-classic
+
+ ch.qos.logback
+ logback-core
+
org.aspectj
aspectjweaver
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/service/impl/DefaultOIDCTokenService.java b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/service/impl/DefaultOIDCTokenService.java
index 2a06b47c1..b3ae6cd1e 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/service/impl/DefaultOIDCTokenService.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/service/impl/DefaultOIDCTokenService.java
@@ -25,6 +25,7 @@ import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import com.google.common.collect.Sets;
import com.nimbusds.jose.Algorithm;
+import com.nimbusds.jose.JOSEObjectType;
import com.nimbusds.jose.JWEHeader;
import com.nimbusds.jose.JWEObject;
import com.nimbusds.jose.JWSAlgorithm;
@@ -59,7 +60,6 @@ import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
-import org.springframework.stereotype.Service;
/**
* Default implementation of service to create specialty OpenID Connect tokens.
*
@@ -140,7 +140,7 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
if (responseTypes.contains("token")) {
// calculate the token hash
Base64URL at_hash = IdTokenHashUtils.getAccessTokenHash(signingAlg, accessToken);
- idClaims.claim("at_hash", at_hash);
+ idClaims.claim("at_hash", at_hash.toString());
}
addCustomIdTokenClaims(idClaims, client, request, sub, accessToken);
@@ -166,7 +166,6 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
if (signingAlg.equals(Algorithm.NONE)) {
// unsigned ID token
idToken = new PlainJWT(idClaims.build());
-
} else {
// signed ID token
@@ -175,7 +174,7 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
|| signingAlg.equals(JWSAlgorithm.HS384)
|| signingAlg.equals(JWSAlgorithm.HS512)) {
- JWSHeader header = new JWSHeader(signingAlg, null, null, null, null, null, null, null, null, null,
+ JWSHeader header = new JWSHeader(signingAlg, JOSEObjectType.JWT, null, null, null, null, null, null, null, null,
jwtService.getDefaultSignerKeyId(),
null, null);
idToken = new SignedJWT(header, idClaims.build());
@@ -187,7 +186,7 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
} else {
idClaims.claim("kid", jwtService.getDefaultSignerKeyId());
- JWSHeader header = new JWSHeader(signingAlg, null, null, null, null, null, null, null, null, null,
+ JWSHeader header = new JWSHeader(signingAlg, JOSEObjectType.JWT, null, null, null, null, null, null, null, null,
jwtService.getDefaultSignerKeyId(),
null, null);
diff --git a/pom.xml b/pom.xml
index 95c14ca14..dfccfc34a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -100,10 +100,10 @@
${eclipse-persistence.version}
- 2.1.0
+ 2.1.0
- 1.2.7
+ 1.2.7
4.13.2
@@ -208,6 +208,12 @@
com.zaxxer
HikariCP
${hikari.version}
+
+
+ org.slf4j
+ slf4j-api
+
+
org.mariadb.jdbc
@@ -261,13 +267,12 @@
ch.qos.logback
logback-classic
- ${logback.verison}
-
-
- org.slf4j
- slf4j-api
-
-
+ ${logback.version}
+
+
+ ch.qos.logback
+ logback-core
+ ${logback.version}
@@ -320,7 +325,7 @@
org.apache.directory.api
api-all
- ${apache-directory-api.version}
+ ${apache-ldap-api-all.version}