From 28c896410ed2c0770550efbdce60d21df3e88cbe Mon Sep 17 00:00:00 2001
From: Filip Skokan
Date: Fri, 6 Sep 2019 11:36:49 +0200
Subject: [PATCH] feat: allow clientAssertionPayload to overwrite default payload
This allows a developer to get around various IdP quirks when using _jwt authentication methods.
---
 lib/helpers/client.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/helpers/client.js b/lib/helpers/client.js
index 68e272e4..438166b8 100644
--- a/lib/helpers/client.js
+++ b/lib/helpers/client.js
@@ -67,13 +67,13 @@ async function authFor(endpoint, { clientAssertionPayload } = {}) {
 case 'client_secret_jwt': {
 const timestamp = now();
 const assertion = await clientAssertion.call(this, endpoint, {
- ...clientAssertionPayload,
 iat: timestamp,
 exp: timestamp + 60,
 jti: random(),
 iss: this.client_id,
 sub: this.client_id,
- aud: this.issuer[`${endpoint}_endpoint`], // TODO: pass the issuer instead
+ aud: this.issuer[`${endpoint}_endpoint`], // TODO: in v4.x pass the issuer instead (for now clientAssertionPayload can be used for that)
+ ...clientAssertionPayload,
 });
 return {
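Review bot: With `...clientAssertionPayload` now spread last in the object passed to `clientAssertion.call`, the caller can replace every default claim, not only `aud`. A payload carrying `exp`, `jti`, `iss` or `sub` silently changes the assertion's lifetime, its replay identifier or the identity it asserts, and a key present with the value `undefined` would overwrite the default with `undefined`. The TODO comment mentions only the audience use case, so the spread line deserves its own comment, e.g. `// caller-supplied claims take precedence over every default above, including exp, jti, iss and sub`. If only the audience quirk needs working around, keeping `exp: timestamp + 60,` and `jti: random(),` after the spread would preserve the 60-second lifetime and per-assertion uniqueness; whether callers need to override those is not visible here. The `case` block and `authFor` both continue outside the hunk.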