ramosbugs / openidconnect-rs

OpenID Connect Library for Rust
MIT License

change UserInfo request's Accept header #145

Closed FabianLars closed 8 months ago

FabianLars commented 8 months ago

Hi, thanks for this awesome crate! I'm not sure if this is just another instance of the server we are interacting with not being spec compliant again, but when we're sending the request to the UserInfo endpoint (https://docs.rs/openidconnect/3.4.0/openidconnect/struct.Client.html#method.user_info) the server will return a 302 to a 404 (this crate stops at the 302) because it checks the Accept header set here.

I need to either remove the header, or set it to MIME_TYPE_JWT. I confirmed in a local copy of this crate that this will make it work for us. As far as I understand it, it also makes sense to be able to set JWT since the crate can handle JWT responses.

Would this be in scope for this crate? Or is this simply the server's fault and we have to deal with that?

Thanks in advance :)

ramosbugs commented 8 months ago

Hi @FabianLars,

The Accept header isn't mentioned in the spec, so I think there's some flexibility here. The current Accept: application/json behavior seems like a sensible default, but it should be fine to add a method like UserInfoRequest::set_response_type() modeled after Client::set_auth_type() to allow users to choose between JSON or JWT responses. I'd be happy to merge a PR that does this.

As a workaround until this feature is available, you should be able to set or remove the Accept request header in a custom HTTP client wrapper passed to UserInfoRequest::request() or UserInfoRequest::request_async().
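
The workaround described in the comment above, as an added example that is not part of the thread or the crate's code: a std-only Rust model of an HTTP client wrapper that removes or replaces the Accept header before delegating to the real client. `HttpRequest`, `HttpResponse`, `AcceptPolicy`, `with_accept`, `fake_userinfo_server` and `default_request` are stand-in names assumed for illustration; the crate's real request and response types differ.

```rust
// Added example: every type and name here is a stand-in (assumption), not the crate's API.
#[derive(Debug, Clone)]
pub struct HttpRequest { pub url: String, pub headers: Vec<(String, String)> }
#[derive(Debug, Clone)]
pub struct HttpResponse { pub status: u16, pub body: Vec<u8> }
/// What the wrapper does with the Accept header.
pub enum AcceptPolicy { Remove, Set(&'static str) }

/// Wrap `inner` so the Accept header is rewritten before the request is sent.
pub fn with_accept<F, E>(policy: AcceptPolicy, inner: F)
    -> impl FnOnce(HttpRequest) -> Result<HttpResponse, E>
where F: FnOnce(HttpRequest) -> Result<HttpResponse, E>,
{
    move |mut req: HttpRequest| {
        // Header names are case-insensitive: drop every existing Accept value.
        req.headers.retain(|(name, _)| !name.eq_ignore_ascii_case("accept"));
        if let AcceptPolicy::Set(mime) = policy {
            req.headers.push(("Accept".to_string(), mime.to_string()));
        }
        inner(req)
    }
}

/// Constructed stand-in for the server in the issue: it redirects (302)
/// unless Accept is absent or application/jwt.
pub fn fake_userinfo_server(req: HttpRequest) -> Result<HttpResponse, String> {
    let accept = req.headers.iter()
        .find(|(n, _)| n.eq_ignore_ascii_case("accept"))
        .map(|(_, v)| v.as_str());
    match accept {
        None | Some("application/jwt") =>
            Ok(HttpResponse { status: 200, body: b"constructed.jwt.body".to_vec() }),
        Some(_) => Ok(HttpResponse { status: 302, body: Vec::new() }),
    }
}

/// Request carrying the default header described in the thread (constructed URL).
pub fn default_request() -> HttpRequest {
    HttpRequest {
        url: "https://idp.example/userinfo".to_string(),
        headers: vec![("accept".to_string(), "application/json".to_string())],
    }
}

fn main() {
    let plain = fake_userinfo_server(default_request()).unwrap();
    let wrapped = with_accept(AcceptPolicy::Set("application/jwt"), fake_userinfo_server);
    println!("default: {}, wrapped: {}", plain.status, wrapped(default_request()).unwrap().status);
}
```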

ramosbugs commented 7 months ago

This is now released in 3.5.0.