Closed markcraig closed 8 years ago
@mrpotes is this acceptable as a workaround?
Would it be better to branch the current state as a 12.0.0 branch, and then fix for 13 on trunk?
Will anyone get here from the Relying Party Examples section in the 12.0.0 admin guide?
The link in there redirects to https://github.com/ForgeRock/openid.
My concern is that anyone coming from the release version would find the master branch broken. They'd have to read the relatively small print to notice that we did a 12.0.0 version on a separate branch.
I guess this is the same as the auth module - we need to manage the lifecycle of old docs versions better when these examples change.
Successfully tested again with OpenAM 13.0.0-SNAPSHOT
Successfully tested with OpenAM 12.0.2
I'm going to go ahead and merge this one, @forgerock-chris , having tested on 12 and 13.
This patch fixes a failure to validate the ID token with OpenAM 13.
In OpenAM 12, the issuer path ends in at the base deployment path, such as
/openam
.In OpenAM 13, the issuer path ends in the base deployment path, plus
/oauth2
, such as/openam/oauth2
.The workaround here is a little too lenient: just check that the issuer starts with the correct path.