issues
search
felleslosninger
/
docs
Prosjekt for teknisk dokumentasjon av FEL's fellesløsninger. Publisert via Github Pages og Jekyll på docs.digdir.no
Other
10
stars
52
forks
source link
Include subject in required claims for client assertion
#338
Closed
stoivo
closed
10 months ago
stoivo
commented
11 months ago
Jeg hadde ikke med for det står at det ikke er påkreved
her er et eksempen på at det feiler
``` > POST https://test.idporten.no/token Content-Type: application/x-www-form-urlencoded Connection: close Host: test.idporten.no User-Agent: http.rb/5.1.1 client_id=f18991af-3ec9-4f93-963b-8ea4d04ee802&grant_type=authorization_code&code=euIXF4V808MGhkqAmd8jeQ.2-Nu-USujrqQvZd7ilTszA&redirect_uri=http%3A%2F%2Flocalhost%3A3500%2Fsession%2Ftoken&code_verifier=t07EPrMzAxzZw3ArD71oqxGKMadufqFEbTayfbuoyM9SVBvD8472eqAR9hWifaMSaOkzkaRgwpjsf4u9Ni8ANoVmHzlo33BkNVBt&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJraWQiOiJzaWdzYWc2MDgiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJmMTg5OTFhZi0zZWM5LTRmOTMtOTYzYi04ZWE0ZDA0ZWU4MDIiLCJhdWQiOiJodHRwczovL3Rlc3QuaWRwb3J0ZW4ubm8iLCJqdGkiOiIyMDBjNzY1OC1kNWY0LTQzMDEtYTIzZi02MWY0MjZjYzBjOGUiLCJpYXQiOjE2OTU3OTg2MDUsImV4cCI6MTY5NTc5ODY2NX0.OwShBU3K2SSw2vLn-XrH9R-B7gha4G-KyW9ctpJc74Q3coEFHB3zgJjOvme7yo2k9lXOGllSMnI452D4XPxq7qSdG991PkiCdS-D3cLqDOM9uIQkAPUjfO_BrEnrVS5vgUtTSevzGSULrIdx6bpgBPsuWjfShZG8qv9n9wDBa8aYIDiAyC5iuNhWhkhl-1fllCnyr9zh9yvVAkmoWB2yhaC0kEALCEuF1ORB9fnJ60-MmcoC_ONwgJ1G9FyI2LFI68FD61Oxqzwk5S05Mc0a9IleEjMUurW9BMtYAvK8pQRhWNlKqcTeTL5wzBVYH_B0DtfMRii26Hk68Iq75v-Z9g < 400 Bad Request set-cookie: dtCookie=v_4_srv_67_sn_72FF0894BEE405509D87E37015BBE790_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; Path=/; Domain=.idporten.no x-oneagent-js-injection: true server-timing: dtRpid;desc="-6698218", dtSInfo;desc="0" cache-control: no-store pragma: no-cache content-type: application/json;charset=UTF-8 content-length: 106 date: Wed, 27 Sep 2023 07:10:04 GMT set-cookie: ae8f6e07cbd4dde8431e58944ce42790=1b858d65f3138ecf9649b6a18cb0936b; path=/; HttpOnly; Secure; SameSite=None connection: close Set-Cookie: BIGipServer~DigDir~pool_digdir_test.idporten.no_https=rd3535o00000000000000000000ffff8b6920d1o443; path=/; Httponly; Secure Strict-Transport-Security: max-age=16070400; includeSubDomains {"error":"invalid_request","error_description":"Invalid request: Missing subject in client JWT assertion"} ```
Jeg hadde ikke med for det står at det ikke er påkreved
her er et eksempen på at det feiler
``` > POST https://test.idporten.no/token Content-Type: application/x-www-form-urlencoded Connection: close Host: test.idporten.no User-Agent: http.rb/5.1.1 client_id=f18991af-3ec9-4f93-963b-8ea4d04ee802&grant_type=authorization_code&code=euIXF4V808MGhkqAmd8jeQ.2-Nu-USujrqQvZd7ilTszA&redirect_uri=http%3A%2F%2Flocalhost%3A3500%2Fsession%2Ftoken&code_verifier=t07EPrMzAxzZw3ArD71oqxGKMadufqFEbTayfbuoyM9SVBvD8472eqAR9hWifaMSaOkzkaRgwpjsf4u9Ni8ANoVmHzlo33BkNVBt&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJraWQiOiJzaWdzYWc2MDgiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJmMTg5OTFhZi0zZWM5LTRmOTMtOTYzYi04ZWE0ZDA0ZWU4MDIiLCJhdWQiOiJodHRwczovL3Rlc3QuaWRwb3J0ZW4ubm8iLCJqdGkiOiIyMDBjNzY1OC1kNWY0LTQzMDEtYTIzZi02MWY0MjZjYzBjOGUiLCJpYXQiOjE2OTU3OTg2MDUsImV4cCI6MTY5NTc5ODY2NX0.OwShBU3K2SSw2vLn-XrH9R-B7gha4G-KyW9ctpJc74Q3coEFHB3zgJjOvme7yo2k9lXOGllSMnI452D4XPxq7qSdG991PkiCdS-D3cLqDOM9uIQkAPUjfO_BrEnrVS5vgUtTSevzGSULrIdx6bpgBPsuWjfShZG8qv9n9wDBa8aYIDiAyC5iuNhWhkhl-1fllCnyr9zh9yvVAkmoWB2yhaC0kEALCEuF1ORB9fnJ60-MmcoC_ONwgJ1G9FyI2LFI68FD61Oxqzwk5S05Mc0a9IleEjMUurW9BMtYAvK8pQRhWNlKqcTeTL5wzBVYH_B0DtfMRii26Hk68Iq75v-Z9g < 400 Bad Request set-cookie: dtCookie=v_4_srv_67_sn_72FF0894BEE405509D87E37015BBE790_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_0; Path=/; Domain=.idporten.no x-oneagent-js-injection: true server-timing: dtRpid;desc="-6698218", dtSInfo;desc="0" cache-control: no-store pragma: no-cache content-type: application/json;charset=UTF-8 content-length: 106 date: Wed, 27 Sep 2023 07:10:04 GMT set-cookie: ae8f6e07cbd4dde8431e58944ce42790=1b858d65f3138ecf9649b6a18cb0936b; path=/; HttpOnly; Secure; SameSite=None connection: close Set-Cookie: BIGipServer~DigDir~pool_digdir_test.idporten.no_https=rd3535o00000000000000000000ffff8b6920d1o443; path=/; Httponly; Secure Strict-Transport-Security: max-age=16070400; includeSubDomains {"error":"invalid_request","error_description":"Invalid request: Missing subject in client JWT assertion"} ```