gCubeSystem
/
oidc-library
18
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Authorized party field is used first refresshing the token if clientId is not provided

This commit is contained in:
Mauro Mugnaini 2020-06-30 12:47:30 +02:00
parent c8e2a30489
commit cb05b4a63b
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/main/java/org/gcube/oidc/rest/OpenIdConnectRESTHelper.java
View File

@ -156,7 +156,16 @@ public class OpenIdConnectRESTHelper {
Map<String, List<String>> params = new HashMap<>();
params.put("grant_type", Arrays.asList("refresh_token"));
if (clientId == null) {
clientId = getFirstAudienceNoAccount(token);
if (logger.isDebugEnabled()) {
logger.debug("Client id not provided, using authorized party field (azp)");
}
clientId = token.getAzp();
if (clientId == null) {
if (logger.isDebugEnabled()) {
logger.debug("Authorized party field (azp) not present, getting one of the audience field (aud)");
}
clientId = getFirstAudienceNoAccount(token);
}
}
params.put("client_id", Arrays.asList(URLEncoder.encode(clientId, "UTF-8")));
if (clientSecret != null) {