kumi/django-oidc-provider
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
django-oidc-provider/oidc_provider/tests
History
Andy Clayton b1e994aa7e Fix token introspection "aud" and "client_id" response 
Based on the OAuth 2.0 Token Introspection spec the "aud" field should
be based on the token. Previously "aud" was populated with the id of the
client making the introspection request which seems wrong. This changes
the endpoint to return the value from the token.

The "client_id" field is then changed to return the client id for the
client that originally requested the token rather than returning the
"aud" value from the token.

From the spec https://tools.ietf.org/html/rfc7662:

   client_id
      OPTIONAL.  Client identifier for the OAuth 2.0 client that
      requested this token.

   aud
      OPTIONAL.  Service-specific string identifier or list of string
      identifiers representing the intended audience for this token, as
      defined in JWT [RFC7519].
2018-07-04 09:53:30 -05:00
..
app Remove scope param from OIDC_IDTOKEN_PROCESSING_HOOK 2018-05-31 10:23:58 +03:00
cases Fix token introspection "aud" and "client_id" response 2018-07-04 09:53:30 -05:00
templates/accounts Clean templates in tests. 2015-06-23 15:05:47 -03:00
__init__.py Change name of the package. 2015-02-18 15:07:22 -03:00
settings.py Simplify test suit. 2018-03-22 11:45:56 -03:00