Closed manuelvanrijn closed 3 months ago
@stanhu @bufferoverflow just a friendly ping 😄 Would you have time to review this ? Thanks in advance!
There are also Rubocop failures: https://github.com/omniauth/omniauth_openid_connect/actions/runs/9779345570/job/27001862614?pr=179
I've come across an issue where the
identifier
wasn't equal to theaudience
in the token. This resulted in verification errors because currently it will verify theaud
against theidentifier
if noaudience
is specified.In this PR, I introduced the
audience
asclient_options
and will pass this along in theverify!
of thedecoded_id_token
so the openid_connect gem can handle the expected audience