Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
Describe the issue:
CibaAuthRequestValidator [1] needs to be updated according to the spec [2] to validate authentication requests if the aud value of the client assertion contains any of the values from issuer identifier, token endpoint or CIBA backchannel authentication endpoint.
Describe the issue: CibaAuthRequestValidator [1] needs to be updated according to the spec [2] to validate authentication requests if the
aud
value of the client assertion contains any of the values fromissuer identifier, token endpoint or CIBA backchannel authentication endpoint
.[1] https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/master/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/ciba/CibaAuthRequestValidator.java#L411 [2] https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0.html#rfc.section.7.1