Merge pull request #2017 from mposolda/master

KEYCLOAK-2270 Use sub instead of iss for clientId in JWTClientAuthent…
This commit is contained in:
Stian Thorgersen 2016-01-13 11:10:09 +01:00
commit ddb41e2c58
2 changed files with 2 additions and 1 deletions

View file

@ -107,6 +107,7 @@ public class JWTClientCredentialsProvider implements ClientCredentialsProvider {
JsonWebToken reqToken = new JsonWebToken(); JsonWebToken reqToken = new JsonWebToken();
reqToken.id(AdapterUtils.generateId()); reqToken.id(AdapterUtils.generateId());
reqToken.issuer(clientId); reqToken.issuer(clientId);
reqToken.subject(clientId);
reqToken.audience(realmInfoUrl); reqToken.audience(realmInfoUrl);
int now = Time.currentTime(); int now = Time.currentTime();

View file

@ -77,7 +77,7 @@ public class JWTClientAuthenticator extends AbstractClientAuthenticator {
JsonWebToken token = jws.readJsonContent(JsonWebToken.class); JsonWebToken token = jws.readJsonContent(JsonWebToken.class);
RealmModel realm = context.getRealm(); RealmModel realm = context.getRealm();
String clientId = token.getIssuer(); String clientId = token.getSubject();
if (clientId == null) { if (clientId == null) {
throw new RuntimeException("Can't identify client. Issuer missing on JWT token"); throw new RuntimeException("Can't identify client. Issuer missing on JWT token");
} }