joachimvh
commented
3 years ago Despite the similar names, solidcommunity.net actually runs the Node Solid Server and not the Community Solid Server. I just checked and the CSS does return an array there.
Open hzafar opened 3 years ago
joachimvh
commented
3 years ago Despite the similar names, solidcommunity.net actually runs the Node Solid Server and not the Community Solid Server. I just checked and the CSS does return an array there.
bourgeoa
commented
3 years ago @hzafar Thanks for reporting. How did you discover that, what are the implications ?
hzafar
commented
3 years ago Hi @bourgeoa, this was discovered when configuring a Solid OIDC provider for a Spring application using the Spring Security framework. The framework usually allows auto-configuration of an OIDC provider from its discovery document, but in this case it's unable to parse the document due to the type mismatch on token_endpoint_auth_methods_supported. As a result, some custom classes have been written to workaround the issue (so this isn't an immediate blocker), but it would be ideal if the config-only approach could be used for adding https://solidcommunity.net as an identity provider for Spring applications.
The response from https://solidcommunity.net/.well-known/openid-configuration contains a string value for the
token_endpoint_auth_methods_supportedkey, when this should be an array as per https://datatracker.ietf.org/doc/html/rfc8414.