security icon indicating copy to clipboard operation
security copied to clipboard
verified publisher icon jakartaee

update mock OP to use SignedJWT and return preferred_username in user info

Open jimmy1wu opened this issue 3 years ago • 0 comments

for #277

  • update OidcProvider to use SignedJWT

    • update the /token endpoint to use SignedJWT with RS256 instead of PlainJWT to comply with oidc spec
    • create the /certs endpoint to return the jwk set containing the jwk used to sign the id token in the /token endpoint

  • additionally updated the /userinfo endpoint to also return a preferred_username, since the default callerNameClaim is preferred_username, but it is currently not sent in the access token, id token, nor userinfo (i put it into the user info, since that's where it's inserted in app-openid2)

jimmy1wu avatar Nov 09 '22 17:11 jimmy1wu