- changed status to open
In com.nimbusds.openid.connect.sdk.AuthenticationRequest, privateKeyJWTAuth is still parsed but not used
In com.nimbusds.openid.connect.sdk.AuthenticationRequest, privateKeyJWTAuth is still parsed but not used.
{code}PrivateKeyJWT privateKeyJWTAuth = null;
if (params.containsKey("client_assertion") &&
params.containsKey("client_assertion_type") &&
JWTAuthentication.CLIENT_ASSERTION_TYPE.equals(MultivaluedMapUtils.getFirstValue(params, "client_assertion_type"))) {
try {
privateKeyJWTAuth = PrivateKeyJWT.parse(params);
} catch (ParseException e) {
String msg = "Invalid client private_key_jwt authentication: " + e.getMessage();
throw new ParseException(msg, OAuth2Error.INVALID_REQUEST.appendDescription(": " + msg),
ar.getClientID(), ar.getRedirectionURI(), ar.impliedResponseMode(), ar.getState());
}
}{code}
privateKeyJWTAuth is not stored, so seems like dead code resulting from the removal of the privateKeyJWTAuth field for OIDC Federation.
Comments (2)
-
-
- changed status to resolved
Fixed: b7191eb3
- Log in to comment
Thanks for spotting this artifact!