Merge pull request #2017 from mposolda/master
KEYCLOAK-2270 Use sub instead of iss for clientId in JWTClientAuthent…
This commit is contained in:
commit
ddb41e2c58
2 changed files with 2 additions and 1 deletions
|
@ -107,6 +107,7 @@ public class JWTClientCredentialsProvider implements ClientCredentialsProvider {
|
||||||
JsonWebToken reqToken = new JsonWebToken();
|
JsonWebToken reqToken = new JsonWebToken();
|
||||||
reqToken.id(AdapterUtils.generateId());
|
reqToken.id(AdapterUtils.generateId());
|
||||||
reqToken.issuer(clientId);
|
reqToken.issuer(clientId);
|
||||||
|
reqToken.subject(clientId);
|
||||||
reqToken.audience(realmInfoUrl);
|
reqToken.audience(realmInfoUrl);
|
||||||
|
|
||||||
int now = Time.currentTime();
|
int now = Time.currentTime();
|
||||||
|
|
|
@ -77,7 +77,7 @@ public class JWTClientAuthenticator extends AbstractClientAuthenticator {
|
||||||
JsonWebToken token = jws.readJsonContent(JsonWebToken.class);
|
JsonWebToken token = jws.readJsonContent(JsonWebToken.class);
|
||||||
|
|
||||||
RealmModel realm = context.getRealm();
|
RealmModel realm = context.getRealm();
|
||||||
String clientId = token.getIssuer();
|
String clientId = token.getSubject();
|
||||||
if (clientId == null) {
|
if (clientId == null) {
|
||||||
throw new RuntimeException("Can't identify client. Issuer missing on JWT token");
|
throw new RuntimeException("Can't identify client. Issuer missing on JWT token");
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue