Skip to content

Add code challenge methods for oidc provider configuration response #1329

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

Add code challenge methods for oidc provider configuration response #1329

wants to merge 2 commits into from

Conversation

drunkcattt
Copy link
Contributor

@drunkcattt drunkcattt commented Aug 7, 2023
edited by jgrandja
Loading

Add code challenge method for oidc well-known configuration endpoint.

Closes gh-1302

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Aug 7, 2023
@drunkcattt drunkcattt mentioned this pull request Aug 7, 2023
Closed
@drunkcattt drunkcattt marked this pull request as ready for review August 15, 2023 07:54
jgrandja
jgrandja reviewed Aug 16, 2023
View reviewed changes
...k/security/oauth2/server/authorization/oidc/web/OidcProviderConfigurationEndpointFilter.java
@@ -111,7 +111,8 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
.tokenIntrospectionEndpointAuthenticationMethods(clientAuthenticationMethods())
.subjectType("public")
.idTokenSigningAlgorithm(SignatureAlgorithm.RS256.getName())
.scope(OidcScopes.OPENID);
.scope(OidcScopes.OPENID)
.codeChallengeMethod("S256");
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@drunkcattt Can you please update the test in OidcProviderConfigurationEndpointFilterTests similar to OAuth2AuthorizationServerMetadataEndpointFilterTests.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@drunkcattt Are you able to update the test in OidcProviderConfigurationEndpointFilterTests?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's been added.

@jgrandja jgrandja self-assigned this Aug 16, 2023
@jgrandja jgrandja added status: duplicate A duplicate of another issue type: enhancement A general enhancement and removed status: waiting-for-triage An issue we've not yet triaged labels Aug 16, 2023
@jgrandja jgrandja added this to the 1.2.0-M1 milestone Aug 16, 2023
@jgrandja jgrandja changed the title feat: Add code challenge method for oidc well-known configuration end… Add code challenge method for oidc provider configuration endpoint Aug 16, 2023
@drunkcattt drunkcattt force-pushed the feat/add_s256_for_oidc_wellknow_endpoint branch 2 times, most recently from 103b97f to dc892d8 Compare September 6, 2023 05:55
@drunkcattt drunkcattt force-pushed the feat/add_s256_for_oidc_wellknow_endpoint branch from dc892d8 to 1963092 Compare September 6, 2023 05:55
@jgrandja jgrandja changed the title Add code challenge method for oidc provider configuration endpoint Add code challenge methods for oidc provider configuration response Sep 14, 2023
@jgrandja
Copy link
Collaborator

Thanks for the PR @drunkcattt. This is now merged.

@jgrandja jgrandja closed this Sep 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jgrandja jgrandja jgrandja left review comments

Assignees

@jgrandja jgrandja

Labels
status: duplicate A duplicate of another issue type: enhancement A general enhancement
Projects
None yet
Milestone
1.2.0-M1
Development

Successfully merging this pull request may close these issues.

code_challenge_methods_supported field not in openid-configuration endpoint
3 participants
@drunkcattt @jgrandja @spring-projects-issues