
bugfix: removed duplicate protocol

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
main
Stephan Richter 3 months ago
parent
commit
f5ceb77ea7
  1. 2
      de.srsoftware.oidc.app/src/main/java/de/srsoftware/oidc/app/Application.java
  2. 6
      de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/TokenController.java

2
de.srsoftware.oidc.app/src/main/java/de/srsoftware/oidc/app/Application.java

@ -78,7 +78,7 @@ public class Application { @@ -78,7 +78,7 @@ public class Application {
new Forward(INDEX).bindPath(ROOT).on(server);
new WellKnownController().bindPath(WELL_KNOWN, "/realms/oidc" + WELL_KNOWN).on(server);
new UserController(mailConfig, sessionService, userService, staticPages).bindPath(API_USER).on(server);
var tokenControllerConfig = new TokenController.Configuration( 10);
var tokenControllerConfig = new TokenController.Configuration(10);
new TokenController(authService, clientService, keyManager, userService, tokenControllerConfig).bindPath(API_TOKEN).on(server);
new ClientController(authService, clientService, sessionService, userService).bindPath(API_CLIENT).on(server);
new KeyStoreController(keyStore).bindPath(JWKS).on(server);

6
de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/TokenController.java

@ -115,7 +115,7 @@ public class TokenController extends PathHandler { @@ -115,7 +115,7 @@ public class TokenController extends PathHandler {
var user = optUser.get();
var accessToken = users.accessToken(user);
var issuer = "https://"+hostname(ex);
var issuer = hostname(ex);
String jwToken = createJWT(client, user, accessToken, issuer);
ex.getResponseHeaders().add("Cache-Control", "no-store");
JSONObject response = new JSONObject();
@ -173,8 +173,8 @@ public class TokenController extends PathHandler { @@ -173,8 +173,8 @@ public class TokenController extends PathHandler {
JwtClaims claims = new JwtClaims();
// required claims:
claims.setIssuer(issuer); // who creates the token and signs it
claims.setSubject(user.uuid()); // the subject/principal is whom the token is about
claims.setIssuer(issuer); // who creates the token and signs it
claims.setSubject(user.uuid()); // the subject/principal is whom the token is about
claims.setAudience(client.id());
claims.setExpirationTimeMinutesInTheFuture(config.tokenExpirationMinutes); // time when the token will expire (10 minutes from now)
claims.setIssuedAtToNow();
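Review bot: The `iss` claim is still derived from the incoming request on the new line `var issuer = hostname(ex);`, so if `hostname` reads the Host or a forwarded-host header (its body is not visible here), a client can influence the issuer written into the signed JWT. An OpenID Connect issuer should be one fixed `https` URL that matches the `issuer` value in the discovery document exactly, so it is safer to take it from configuration, for example a new `issuer` field on `TokenController.Configuration` read as `var issuer = config.issuer;`. If the request-derived value is kept, it should be checked against the expected host and an `https://` prefix before `createJWT` is called. Separately, the comment on `setExpirationTimeMinutesInTheFuture` still says "(10 minutes from now)" although the value comes from `config.tokenExpirationMinutes`. The enclosing methods start and end outside these hunks.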
