From fb6ac658e81caa0cc66a5fd4b86d99929d16d445 Mon Sep 17 00:00:00 2001 From: Mati Kochen Date: Fri, 18 Oct 2024 09:29:32 +0200 Subject: [PATCH] fix: client assertion JWT iss and sub OAuth 2 client_id when requesting access token --- src/Service/Client/LtiServiceClient.php | 2 +- tests/Traits/SecurityTestingTrait.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Service/Client/LtiServiceClient.php b/src/Service/Client/LtiServiceClient.php index 18f07dc..7fe4967 100644 --- a/src/Service/Client/LtiServiceClient.php +++ b/src/Service/Client/LtiServiceClient.php @@ -211,7 +211,7 @@ private function generateCredentials(RegistrationInterface $registration): strin MessagePayloadInterface::HEADER_KID => $toolKeyChain->getIdentifier() ], [ - MessagePayloadInterface::CLAIM_ISS => $registration->getTool()->getAudience(), + MessagePayloadInterface::CLAIM_ISS => $registration->getClientId(), MessagePayloadInterface::CLAIM_SUB => $registration->getClientId(), MessagePayloadInterface::CLAIM_AUD => [ $registration->getPlatform()->getAudience(), diff --git a/tests/Traits/SecurityTestingTrait.php b/tests/Traits/SecurityTestingTrait.php index cee1bdc..8a18a9b 100644 --- a/tests/Traits/SecurityTestingTrait.php +++ b/tests/Traits/SecurityTestingTrait.php @@ -89,7 +89,7 @@ private function createTestClientAssertion(RegistrationInterface $registration): MessagePayloadInterface::HEADER_KID => $registration->getToolKeyChain()->getIdentifier() ], [ - MessagePayloadInterface::CLAIM_ISS => $registration->getTool()->getAudience(), + MessagePayloadInterface::CLAIM_ISS => $registration->getClientId(), MessagePayloadInterface::CLAIM_SUB => $registration->getClientId(), MessagePayloadInterface::CLAIM_AUD => [ $registration->getPlatform()->getAudience(),