dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add typ header to access token jwt (#2419)

Browse Source
This commit is contained in:
Maxime Besson 2021-02-01 22:35:54 +01:00
parent 635e75c1b6
commit a1ed57c035
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm
View File

@ -798,7 +798,8 @@ sub maybeJWT {
->{oidcRPMetaDataOptionsAccessTokenSignAlg} || "RS256";
$self->logger->debug("Access Token signature algorithm: $alg");
my $jwt = $self->createJWT( $access_token_payload, $alg, $rp );
my $jwt =
$self->createJWT( $access_token_payload, $alg, $rp, "at+JWT" );
return $jwt;
}
@ -1632,13 +1633,14 @@ sub _forceType {
# @param rp Internal Relying Party identifier
# @return String jwt JWT
sub createJWT {
my ( $self, $payload, $alg, $rp ) = @_;
my ( $self, $payload, $alg, $rp, $type ) = @_;
# Payload encoding
my $jwt_payload = encode_base64url( to_json($payload), "" );
# JWT header
my $jwt_header_hash = { typ => "JWT", alg => $alg };
my $typ = $type || "JWT";
my $jwt_header_hash = { typ => $typ, alg => $alg };
if ( $alg eq "RS256" or $alg eq "RS384" or $alg eq "RS512" ) {
$jwt_header_hash->{kid} = $self->conf->{oidcServiceKeyIdSig}
if $self->conf->{oidcServiceKeyIdSig};