Closed bifurcation closed 3 years ago
I have also verified that this branch interoperates with node-oidc-provider, using the scripts linked in #406.
@bifurcation thank you for the PR, I've made a few small adjustments and will release a new minor (this is a feat, not a fix) shortly.
Fixes #406
According to draft-03 of DPoP:
The DPoP implementation in this repository currently does not provide the
ath
claim when used with an access token (e.g., inuserinfo()
andrequestResource()
). This PR updates the DPoP proof construction code so that if an access token is provided, then theath
parameter is included in the proof.