briglx / python-b2c-app

Document why Issuer is login.microsoft.com.... instead of domain name #5

Open briglx opened 2 years ago

briglx commented 2 years ago

Getting this

{
  "issuer": "https://login.microsoftonline.com/8c79416a-5f06-4058-b947-1a1cc7ab64fe/v2.0",
  "issuerAssignedId": "6e55bfcb-6184-411b-983b-6ed0e0f87d24",
  "signInType": "federated"
},

Expected something like:

{
  "issuer": "github.com",
  "issuerAssignedId": "1304774",
  "signInType": "federated"
},

briglx commented 2 years ago

Uses the iss claim from the id_token

See

{
  "typ": "JWT",
  "alg": "RS256",
  "kid": "2ZQpJ3UpbjAYXYGaXEJl8lV0TOI"
}.{
  "aud": "f8b136d6-9288-45a5-8eb8-aa6bd3a0c52e",
  "iss": "https://login.microsoftonline.com/8c79416a-5f06-4058-b947-1a1cc7ab64fe/v2.0",
  "iat": 1659463926,
  "nbf": 1659463926,
  "exp": 1659467826,
  "aio": "ATQAy/8TAAAA2Yqfd0RF4y8QnV7fUKr3ZxFgvnSAt/1PBgNg9oHbvQsGt2J3lInrwXXTFvhLT7+N",
  "name": "Test User 1",
  "nonce": "678910",
  "oid": "6e55bfcb-6184-411b-983b-6ed0e0f87d24",
  "preferred_username": "testuser1@golamoreaux.com",
  "rh": "0.AXgAakF5jAZfWEC5Rxocx6tk_tY2sfiIkqVFjriqa9OgxS54AJw.",
  "sub": "jx0vDBsfHFU4GAdD-dIVxSrL0sqG7wCzsKb_u9sdApE",
  "tid": "8c79416a-5f06-4058-b947-1a1cc7ab64fe",
  "uti": "Ezn6_6C_CE-APtakpPh-AQ",
  "ver": "2.0"
}.[Signature]
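
Added example, not part of the issue thread or the project's code: a Python sketch that decodes an id_token without verifying it and derives the identities entry from its claims, showing why `issuer` carries the `iss` URL. The function names and the sample token are constructed for illustration; mapping `issuerAssignedId` from `oid` is an assumption inferred from the two values matching in the thread.

```python
import base64
import json


def b64url_decode(segment: str) -> bytes:
    """Decode a base64url JWT segment, restoring the stripped '=' padding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def decode_unverified(token: str) -> tuple[dict, dict]:
    """Return (header, claims) WITHOUT checking the signature.

    Inspection only: never base an authorization decision on these values.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    return json.loads(b64url_decode(parts[0])), json.loads(b64url_decode(parts[1]))


def federated_identity(claims: dict) -> dict:
    """Build the identities entry from id_token claims.

    issuer <- iss is stated in the thread; issuerAssignedId <- oid is an
    assumption inferred from the matching values shown there.
    """
    missing = [c for c in ("iss", "oid") if c not in claims]
    if missing:
        raise ValueError(f"id_token lacks claims: {missing}")
    return {"issuer": claims["iss"], "issuerAssignedId": claims["oid"],
            "signInType": "federated"}


def sample_token() -> str:
    """Constructed token: claims copied from the thread, placeholder signature."""
    header = {"typ": "JWT", "alg": "RS256", "kid": "2ZQpJ3UpbjAYXYGaXEJl8lV0TOI"}
    claims = {
        "iss": "https://login.microsoftonline.com/8c79416a-5f06-4058-b947-1a1cc7ab64fe/v2.0",
        "oid": "6e55bfcb-6184-411b-983b-6ed0e0f87d24",
        "tid": "8c79416a-5f06-4058-b947-1a1cc7ab64fe",
    }
    segments = [b64url_encode(json.dumps(part).encode()) for part in (header, claims)]
    return ".".join(segments + [b64url_encode(b"not-a-real-signature")])


if __name__ == "__main__":
    _, token_claims = decode_unverified(sample_token())
    print(json.dumps(federated_identity(token_claims), indent=2))
```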