Problem/Motivation

The OpenIdConnectIdTokenResponse returns an additional id_token with a URL of the server that issued the token. However, this URL includes a language prefix, making it invalid. See for reference: https://openid.net/specs/openid-connect-core-1_0.html#IDToken

Proposed resolution

Generate the 'Issued by' (iss) claim in the OpenID Connect id token without a language prefix.

Remaining tasks

  1. Write a merge request
  2. Review
  3. Commit

User interface changes

None

API changes

None

Data model changes

None

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

Comments

idebr created an issue. See original summary.

idebr’s picture

Status: Active » Needs review

The merge requests implements the following changes:

  1. The 'Issued by' (iss) claim is now generated without a language prefix
  2. The OpenIdConnectTest now checks for the correct URL, see https://git.drupalcode.org/issue/simple_oauth-3502576/-/jobs/4153025

  • bojan_dev committed 0dccd452 on 6.0.x authored by idebr
    Issue #3502576: Generate the 'Issued by' (iss) claim in the OpenID...
bojan_dev’s picture

Status: Needs review » Fixed

Looks good, merged!

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.