- Add profile option to set header type parameter of client authentication JWTsJCOMOIDC-130Philip Smart
- Add profile option for reverting 'aud' claims in JWT authentication assertions to tokenEndpointURLJCOMOIDC-129Philip Smart
- Update json-smart into 2.5.2JCOMOIDC-128Henri Mikkonen
- Transcoding of object type of claim failsJCOMOIDC-127Philip Smart
- Release 3.2.0JCOMOIDC-125Resolved issue: JCOMOIDC-125Philip Smart
- Profile configuration setting for limiting initial access token to selfJCOMOIDC-124Resolved issue: JCOMOIDC-124Henri Mikkonen
- Profile configuration setting for strict scope validationJCOMOIDC-123Resolved issue: JCOMOIDC-123Henri Mikkonen
- Maximum lifetime for jti-claim validator's replay cache recordsJCOMOIDC-121Resolved issue: JCOMOIDC-121Henri Mikkonen
- Improve jti-claim validator's handling of overly long valuesJCOMOIDC-120Resolved issue: JCOMOIDC-120Henri Mikkonen
- Release 3.1.1JCOMOIDC-119Resolved issue: JCOMOIDC-119Philip Smart
- As an OIDC RP, loginHintLookupStrategy seems to be ignoredJCOMOIDC-118Resolved issue: JCOMOIDC-118Philip Smart
- Profile configuration setting for custom redirect URI validationJCOMOIDC-117Resolved issue: JCOMOIDC-117Henri Mikkonen
- Profile configuration setting for message handlerJCOMOIDC-116Resolved issue: JCOMOIDC-116Henri Mikkonen
- Update Nimbus oauth2-oidc-sdk into 10.15JCOMOIDC-115Resolved issue: JCOMOIDC-115Henri Mikkonen
- BaseJWTSignatureSecurityHandler cannot resolve trust engine via custom context locationJCOMOIDC-114Resolved issue: JCOMOIDC-114Henri Mikkonen
- TrustEngine implementation for token derived credentialsJCOMOIDC-113Resolved issue: JCOMOIDC-113Henri Mikkonen
- Profile configuration settings for OAuth2 DPoPJCOMOIDC-112Resolved issue: JCOMOIDC-112Henri Mikkonen
- Remove exp-claim requirement for JWTIdentifierClaimsValidatorJCOMOIDC-111Resolved issue: JCOMOIDC-111Henri Mikkonen
- Add link back to Nimbus and JOSE javadocsJCOMOIDC-109Resolved issue: JCOMOIDC-109Henri Mikkonen
- Profile Configuration for OAuth2 PARJCOMOIDC-108Resolved issue: JCOMOIDC-108Henri Mikkonen
- Release 3.1.0JCOMOIDC-107Resolved issue: JCOMOIDC-107Henri Mikkonen
- Fix incorrect NonNull annotations in APIJCOMOIDC-106Resolved issue: JCOMOIDC-106Henri Mikkonen
- Profile configuration setting to require OIDC authentication requestJCOMOIDC-105Resolved issue: JCOMOIDC-105Henri Mikkonen
- Enable dynamic type header naming when signing tokensJCOMOIDC-104Resolved issue: JCOMOIDC-104Henri Mikkonen
- Add metadata-driven naming to attribute transcodersJCOMOIDC-103Resolved issue: JCOMOIDC-103Henri Mikkonen
- Implement metadata cache loading strategy for generic resourcesJCOMOIDC-102Resolved issue: JCOMOIDC-102Henri Mikkonen
- Fix Principal typing issue in profile config default implementationJCOMOIDC-101Resolved issue: JCOMOIDC-101Philip Smart
- Allowed ResponseModes should be configurableJCOMOIDC-100Resolved issue: JCOMOIDC-100Henri Mikkonen
- Metadata policy merging misses subordinate values with some operatorsJCOMOIDC-99Resolved issue: JCOMOIDC-99Henri Mikkonen
- Suggest changing the support level for Versions 1.0.0 through 3.0.0JCOMOIDC-98Henri Mikkonen
- Release 3.0.1JCOMOIDC-97Philip Smart
- Support custom/additional metadata policy operatorsJCOMOIDC-96Resolved issue: JCOMOIDC-96Henri Mikkonen
- Add clockSkew and idGenerator configuration hooks to JSONSecurityConfigurationJCOMOIDC-95Resolved issue: JCOMOIDC-95Henri Mikkonen
- Profile configuration option for refresh token typeJCOMOIDC-94Resolved issue: JCOMOIDC-94Henri Mikkonen
- com.nimbusds.oauth2.sdk subject_types_supported out of specJCOMOIDC-92Resolved issue: JCOMOIDC-92Henri Mikkonen
- Refactor profile configuration options on major version changeJCOMOIDC-91Henri Mikkonen
- Add CSP protection to viewsJCOMOIDC-90Resolved issue: JCOMOIDC-90Philip Smart
- Add a new CredentialFactoryBean type which allows null objects from createInstanceJCOMOIDC-89Philip Smart
- Credential factory beans are returning null from doCreateInstanceJCOMOIDC-88Philip Smart
- Profile configuration for OIDC logoutJCOMOIDC-87Resolved issue: JCOMOIDC-87Henri Mikkonen
- Add PKCE support to the OIDC message encodersJCOMOIDC-86Resolved issue: JCOMOIDC-86Philip Smart
- Add PKCE support to authorization request objectJCOMOIDC-85Resolved issue: JCOMOIDC-85Philip Smart
- Test-jar dependency is needed for generic testing utility classesJCOMOIDC-84Henri Mikkonen
- Release commons 3.0.0 and config 2.0.0JCOMOIDC-83Resolved issue: JCOMOIDC-83Philip Smart
- Update into the IdP V5 codebaseJCOMOIDC-82Resolved issue: JCOMOIDC-82Henri Mikkonen
- Support policies for unregistered clientsJCOMOIDC-81Resolved issue: JCOMOIDC-81Henri Mikkonen
- RemoteJwkUtils HTTP resource leakJCOMOIDC-80Resolved issue: JCOMOIDC-80Henri Mikkonen
- Add protocol message logging support to the AbstractOIDCMessageEncoderJCOMOIDC-79Resolved issue: JCOMOIDC-79Philip Smart
- Fix possible NPE in JWETokenDecrypter when jcaKeyAlg is not supported by the registryJCOMOIDC-78Resolved issue: JCOMOIDC-78Philip Smart
- Use security params lookup strategy in base signature security handlerJCOMOIDC-77Philip Smart
50 of 123
Add profile option to set header type parameter of client authentication JWTs
Basics
Logistics
Basics
Logistics
Description
Environment
None
Details
Details
Assignee
Philip Smart
Philip Smart
Reporter
Philip Smart
Philip SmartComponents
Created last week
Updated last week
Activity
Philip Smart last week
Philip Smart
last week
I think clientAuthenticationJWTType would be a good name for this.
Philip Smart last week(edited)
Philip Smart
last week
(edited)
Given that the RP’s profile config already extends the OAuth2ClientAuthenticableClientProfileConfiguration profile interface, this seems like a good place to add this. , does this make sense for the OP?
According to [1], we should now set the
typheader parameter value toclient-authentication+jwtfor any client authentication JWTs. This should be configurable by the profile configuration, so a profile option for both RP and OP is needed.Adding this profile option is needed to fix
[1]