libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

KEYCLOAK-9635 Add AccessTokenHash to IDToken for OIDC Auth Code flow

Browse source 
Added missing test
This commit is contained in:
Thomas Darimont 2020-05-23 16:58:40 +02:00 committed by Marek Posolda
parent 086bdd1700
commit 5a337d0376
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/flows/AbstractOIDCResponseTypeTest.java
View file

@ -253,6 +253,11 @@ public abstract class AbstractOIDCResponseTypeTest extends AbstractTestRealmKeyc
for (IDToken idt : idTokens) {
Assert.assertEquals("abcdef123456", idt.getNonce());
Assert.assertEquals(authzResponse.getSessionState(), idt.getSessionState());
// see KEYCLOAK-9635
if (authzResponse.getCode() != null && authzResponse.getAccessToken() != null) {
// we have an IDToken that was obtained via auth code flow alongside an AccessToken
Assert.assertNotNull("claim at_hash should be present in IDToken for OIDC auth code flow requests", idt.getAccessTokenHash());
}
}
}