Fix for typo in id_token validation.

rohe / oictest

OAuth2 and OpenID Connect test tools

Other

39 stars 21 forks source link

Fix for typo in id_token validation. #86

Closed panva closed 9 years ago

panva commented 9 years ago

• If the ID Token contains multiple audiences, the Client SHOULD verify that an azp Claim is present.
• If an azp (authorized party) Claim is present, the Client SHOULD verify that its client_id is the Claim Value.