Merge pull request #2 from kolotaev/IDM-197_2

IDM-197 Implement JWT bearer token flow in Hydra - fix: check 'aud' claim against Hydra Issuer
sugarcrm · Nov 28, 2017 · 8fa6752 · 8fa6752
2 parents 349e7df + aedb5c9
commit 8fa6752
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 3 deletions.
diff --git a/cmd/server/handler_oauth2_factory.go b/cmd/server/handler_oauth2_factory.go
@@ -59,7 +59,7 @@ func newOAuth2Provider(c *config.Config, km jwk.Manager) fosite.OAuth2Provider {
 	var store = oauth2.CommonStore{
 		FositeStorer: ctx.FositeStore,
 		KeyManager:   km,
-		ClusterURL:   c.ClusterURL,
+		Issuer:       c.Issuer,
 	}
 
 	createRS256KeysIfNotExist(c, oauth2.OpenIDConnectKeyName, "private", "sig")

diff --git a/oauth2/flow_jwt_bearer.go b/oauth2/flow_jwt_bearer.go
@@ -30,7 +30,7 @@ func JWTBearerGrantFactory(config *compose.Config, storage interface{}, strategy
 		},
 		ScopeStrategy: fosite.HierarchicScopeStrategy,
 		KeyManager:    storage.(CommonStore).KeyManager,
-		Audience:      strings.Trim(storage.(CommonStore).ClusterURL, "/") + "/oauth2/token",
+		Audience:      strings.Trim(storage.(CommonStore).Issuer, "/") + "/oauth2/token",
 	}
 }
 

diff --git a/oauth2/store.go b/oauth2/store.go
@@ -9,5 +9,5 @@ import (
 type CommonStore struct {
 	pkg.FositeStorer
 	KeyManager jwk.Manager
-	ClusterURL string
+	Issuer     string
 }