Skip to content

Commit

Permalink
fix: allow all request object signing algs per default
Browse files Browse the repository at this point in the history 
This patch resolves an issue where RS256 would be the only allowed request object signing algorithm. The spec however mandates that all algorithms are allowed if the client does not explicitly set the request object signing algorithm.
  • Loading branch information
@aeneasr
aeneasr committed Nov 10, 2020
1 parent 3b177c1 commit 294c405
Showing 1 changed file with 0 additions and 3 deletions.
3 changes: 0 additions & 3 deletions client/client.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -314,9 +314,6 @@ func (c *Client) GetTokenEndpointAuthSigningAlgorithm() string {
}

func (c *Client) GetRequestObjectSigningAlgorithm() string {
if c.RequestObjectSigningAlgorithm == "" {
return "RS256"
}
return c.RequestObjectSigningAlgorithm
}

Expand Down

0 comments on commit 294c405

Please sign in to comment.