OAuth 2.0-based authentication of users and devices, user profile management, Single Sign-On (SSO) and Identity Federation across multiple administration domains.
Hi everyone,
I have the following config.pr
The id is the id of our iShare Satellite. The client_id is the id of our entitled party.
In line 109 in controllers/extparticipant/utils.js#109, a check is made that the aud in the jwt is set correctly. In the current MASTER, it is compared to the config.pr.client_id, which corresponds to the EORI of the entitled party.
However in iShare, the aud should be set to the satellite EORI.
Hence instead of config.pr.client_id, it should be compared with config.pr.id
if (aud == null || aud.indexOf(config.pr.id) === -1) {
  throw new Error('Not listed on the aud parameter');
}
Implementing this change allows me to successfully retrieve an access_token and id_token with the following call:
My question is: Is that correct or am I missing something here?
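An added example (not code from the original post or from the project) of the audience check against config.pr.id that the post proposes. It goes one step further by matching whole aud values, whether aud is a string or an array. The EORI values, the sample payloads and the function names audienceIncludes, postCheck, assertAudience and report are assumptions made for illustration, and signature verification is assumed to have happened before this check.

```javascript
// Constructed sample config; both EORIs are placeholders.
const pr = {
  id: 'EU.EORI.NLSATELLITE01',       // satellite EORI (config.pr.id)
  client_id: 'EU.EORI.NLPARTY0001'   // entitled party EORI (config.pr.client_id)
};

// RFC 7519 allows "aud" to be a single string or an array of strings.
// Normalise to an array and compare whole values only.
function audienceIncludes(aud, expected) {
  if (typeof expected !== 'string' || expected.length === 0) return false;
  const list = Array.isArray(aud) ? aud : [aud];
  return list.some((entry) => typeof entry === 'string' && entry === expected);
}

// The check from the post: on a string aud, indexOf is a substring search.
function postCheck(aud, expected) {
  return !(aud == null || aud.indexOf(expected) === -1);
}

// Hypothetical wrapper that throws the same error as the snippet in the post.
function assertAudience(payload, expected) {
  if (!audienceIncludes(payload.aud, expected)) {
    throw new Error('Not listed on the aud parameter');
  }
  return true;
}

// Constructed decoded payloads (signature already verified by assumption).
const samples = {
  satelliteString: { aud: pr.id },
  satelliteArray: { aud: [pr.id, 'EU.EORI.NLOTHER00001'] },
  partyOnly: { aud: pr.client_id },
  longerString: { aud: pr.id + '9' },  // a different value that starts with pr.id
  missing: {}
};

// Compare both checks for every sample against one expected audience.
function report(expected) {
  const out = {};
  for (const [name, payload] of Object.entries(samples)) {
    out[name] = {
      exact: audienceIncludes(payload.aud, expected),
      indexOf: postCheck(payload.aud, expected)
    };
  }
  return out;
}

console.log(report(pr.id));
```

Calling report(pr.client_id) instead shows the behaviour of the comparison in the current MASTER described in the post: a token whose aud is the satellite EORI is rejected.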