Skip to content

Commit

Permalink
fix: client assertions for Okta (#636)
Browse files Browse the repository at this point in the history
* fix client assertions for Okta

* review feedback
  • Loading branch information
muir authored Aug 26, 2024
1 parent 1e75773 commit 67688db
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 5 deletions.
2 changes: 1 addition & 1 deletion pkg/client/rp/relying_party.go
Original file line number Diff line number Diff line change
Expand Up @@ -541,7 +541,7 @@ func CodeExchangeHandler[C oidc.IDClaims](callback CodeExchangeCallback[C], rp R
rp.CookieHandler().DeleteCookie(w, pkceCode)
}
if rp.Signer() != nil {
assertion, err := client.SignedJWTProfileAssertion(rp.OAuthConfig().ClientID, []string{rp.Issuer()}, time.Hour, rp.Signer())
assertion, err := client.SignedJWTProfileAssertion(rp.OAuthConfig().ClientID, []string{rp.Issuer(), rp.OAuthConfig().Endpoint.TokenURL}, time.Hour, rp.Signer())
if err != nil {
unauthorizedError(w, r, "failed to build assertion: "+err.Error(), state, rp)
return
Expand Down
8 changes: 4 additions & 4 deletions pkg/oidc/token_request.go
Original file line number Diff line number Diff line change
Expand Up @@ -72,10 +72,10 @@ type AccessTokenRequest struct {
Code string `schema:"code"`
RedirectURI string `schema:"redirect_uri"`
ClientID string `schema:"client_id"`
ClientSecret string `schema:"client_secret"`
CodeVerifier string `schema:"code_verifier"`
ClientAssertion string `schema:"client_assertion"`
ClientAssertionType string `schema:"client_assertion_type"`
ClientSecret string `schema:"client_secret,omitempty"`
CodeVerifier string `schema:"code_verifier,omitempty"`
ClientAssertion string `schema:"client_assertion,omitempty"`
ClientAssertionType string `schema:"client_assertion_type,omitempty"`
}

func (a *AccessTokenRequest) GrantType() GrantType {
Expand Down

0 comments on commit 67688db

Please sign in to comment.