Duende Software
JWT response from UserInfo Endpoint possible? #495
-
|
In the latest version 7.4 of Duende IdentityServer a new field "userinfo_signing_alg_values_supported": [
"RS256"
],I did some research, but couldn't find a possibility to get a signed response (in the form of a JWT) from the UserInfo endpoint like it is possible with the Introspection endpoint. I'm curious why the Discovery endpoint is emitting the |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
This was added together with some other changes to the discovery document to add entries for which we added support. However in this case, we seem to have been a bit too eager, although this is relatively harmless. If you want to remove this entry from your discovery document, you can use the following custom implementation to remove the entry: using Duende.IdentityModel;
using Duende.IdentityServer.Configuration;
using Duende.IdentityServer.ResponseHandling;
using Duende.IdentityServer.Services;
using Duende.IdentityServer.Stores;
using Duende.IdentityServer.Validation;
namespace YourDuendeIdentityServerProject;
// Register this type using builder.Services.AddTransient<IDiscoveryResponseGenerator, CustomDiscoveryResponseGenerator>();
public class CustomDiscoveryResponseGenerator : DiscoveryResponseGenerator
{
public CustomDiscoveryResponseGenerator(IdentityServerOptions options, IResourceStore resourceStore, IKeyMaterialService keys, ExtensionGrantValidator extensionGrants, ISecretsListParser secretParsers, IResourceOwnerPasswordValidator resourceOwnerValidator, ILogger<DiscoveryResponseGenerator> logger) : base(options, resourceStore, keys, extensionGrants, secretParsers, resourceOwnerValidator, logger)
{
}
public override async Task<Dictionary<string, object>> CreateDiscoveryDocumentAsync(string baseUrl, string issuerUri)
{
var entries = await base.CreateDiscoveryDocumentAsync(baseUrl, issuerUri);
entries.Remove(OidcConstants.Discovery.UserInfoSigningAlgorithmsSupported);
return entries;
}
} |
Beta Was this translation helpful? Give feedback.
-
|
I followed your suggestion. Many thanks! |
Beta Was this translation helpful? Give feedback.
This was added together with some other changes to the discovery document to add entries for which we added support. However in this case, we seem to have been a bit too eager, although this is relatively harmless.
If you want to remove this entry from your discovery document, you can use the following custom implementation to remove the entry: