KEYCLOAK-9635 Add AccessTokenHash to IDToken for OIDC Auth Code flow

Added missing test
This commit is contained in:
Thomas Darimont 2020-05-23 16:58:40 +02:00 committed by Marek Posolda
parent 086bdd1700
commit 5a337d0376

View file

@ -253,6 +253,11 @@ public abstract class AbstractOIDCResponseTypeTest extends AbstractTestRealmKeyc
for (IDToken idt : idTokens) { for (IDToken idt : idTokens) {
Assert.assertEquals("abcdef123456", idt.getNonce()); Assert.assertEquals("abcdef123456", idt.getNonce());
Assert.assertEquals(authzResponse.getSessionState(), idt.getSessionState()); Assert.assertEquals(authzResponse.getSessionState(), idt.getSessionState());
// see KEYCLOAK-9635
if (authzResponse.getCode() != null && authzResponse.getAccessToken() != null) {
// we have an IDToken that was obtained via auth code flow alongside an AccessToken
Assert.assertNotNull("claim at_hash should be present in IDToken for OIDC auth code flow requests", idt.getAccessTokenHash());
}
} }
} }