Skip to content
This repository was archived by the owner on May 25, 2025. It is now read-only.

Commit 58e1011

Browse files
rsscrssc
authored
Accept unknown audiences beyond the client ID (#379)
1 parent 26c24bd commit 58e1011

File tree

2 files changed

+5
-2
lines changed

2 files changed

+5
-2
lines changed

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -63,7 +63,7 @@ services:
6363
# default: true See https://github.com/MarcelCoding/jitsi-openid/issues/372#issuecomment-2730510228
6464
# - 'SKIP_PREJOIN_SCREEN=false' # <- skips the jitsi prejoin screen after login (default: true)
6565
# - 'GROUP=example' # <- Value for the 'group' field in the token
66-
# default: ''
66+
# default: ''
6767
ports:
6868
- "3000:3000"
6969
# ...

src/routes.rs

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -192,8 +192,11 @@ fn id_token_claims(
192192
}
193193
};
194194

195+
let id_token_verifier = client
196+
.id_token_verifier()
197+
.set_other_audience_verifier_fn(|_aud| true);
195198
let claims = id_token
196-
.claims(&client.id_token_verifier(), nonce)
199+
.claims(&id_token_verifier, nonce)
197200
.map_err(InvalidIdTokenNonce)?;
198201

199202
if let Some(acr_values) = &config.acr_values {

0 commit comments

Comments
 (0)