Remove iss validation

Substring matching of 'iss' claim is unreliable - required for OneLogin integration

Author: lcrilly

openid_connect.js

@@ -111,12 +111,6 @@ function validateIdToken(req,res) {
         valid_token = false;
     }
 
-    // Check iss relates to $oidc_authz_endpoint
-    if (!req.variables.oidc_authz_endpoint.startsWith(req.variables.jwt_claim_iss)) {
-        req.error("OIDC ID Token validation error: iss claim (" + req.variables.jwt_claim_iss  + ") is not found in $oidc_authz_endpoint");
-        valid_token = false;
-    }
-
     // Audience matching
     if (req.variables.jwt_claim_aud != req.variables.oidc_client) {
         req.error("OIDC ID Token validation error: aud claim (" + req.variables.jwt_claim_aud + ") does not match $oidc_client");