From becacae348ee88690fc7d49c7721aa1988cc981c Mon Sep 17 00:00:00 2001 From: Giuseppe De Marco Date: Thu, 14 Sep 2023 13:00:56 +0200 Subject: [PATCH 1/2] fix: access token audience --- spid_cie_oidc/provider/views/__init__.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/spid_cie_oidc/provider/views/__init__.py b/spid_cie_oidc/provider/views/__init__.py index 76ec28ac..3e884b50 100644 --- a/spid_cie_oidc/provider/views/__init__.py +++ b/spid_cie_oidc/provider/views/__init__.py @@ -4,6 +4,7 @@ from django.conf import settings from pydantic import ValidationError from django.http import HttpResponseRedirect +from django.urls import reverse from django.utils import timezone import urllib from spid_cie_oidc.entity.jwtse import create_jws, unpad_jwt_head, unpad_jwt_payload, verify_jws @@ -245,11 +246,11 @@ def get_jwt_common_data(self): def get_access_token( self, iss_sub:str, sub:str, authz: OidcSession, commons:dict ) -> dict: - + access_token = { "iss": iss_sub, "sub": sub, - "aud": [authz.client_id], + "aud": [iss_sub, reverse("oidc_provider_userinfo_endpoint")], "client_id": authz.client_id, "scope": authz.authz_request["scope"], "jti": str(uuid.uuid4()) From c401a94e99ac1870e23ce4bfaa8aac04d127206a Mon Sep 17 00:00:00 2001 From: Giuseppe De Marco Date: Thu, 14 Sep 2023 13:02:24 +0200 Subject: [PATCH 2/2] fix: access token audience - version --- spid_cie_oidc/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spid_cie_oidc/__init__.py b/spid_cie_oidc/__init__.py index 6849410a..a82b376d 100644 --- a/spid_cie_oidc/__init__.py +++ b/spid_cie_oidc/__init__.py @@ -1 +1 @@ -__version__ = "1.1.0" +__version__ = "1.1.1"