1eda382789
The "at_hash" claim, which provides hash verification for the "access_token," is a required claim for implicit and hybrid flow requests. Previously we did not include it (against spec). This PR implements the "at_hash" logic and adds the claim to all responses. As a cleanup, it also moves some JOSE signing logic out of the storage package and into the server package. For details see: https://openid.net/specs/openid-connect-core-1_0.html#ImplicitIDToken |
||
---|---|---|
.. | ||
conformance | ||
kubernetes | ||
memory | ||
sql | ||
doc.go | ||
static.go | ||
storage.go |