You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
oidc-auth-mananger seems to make an invalid assumption that all OIDC Issuers are URIs with an empty path part. if a webid has an OIDC Issuer URI with a path part (like my webid https://zenomt.zenomt.com/card.ttl#me with issuer https://zenomt.com/oidc/), it can never be matched against the id_token iss claim because the discovered issuer URI is reduced to its origin before being compared. see these lines in preferred-provider.js.
oidc-auth-mananger seems to make an invalid assumption that all OIDC Issuers are URIs with an empty path part. if a webid has an OIDC Issuer URI with a path part (like my webid https://zenomt.zenomt.com/card.ttl#me with issuer https://zenomt.com/oidc/), it can never be matched against the id_token
iss
claim because the discovered issuer URI is reduced to its origin before being compared. see these lines in preferred-provider.js.OIDC Issuers are allowed to have path parts.
The text was updated successfully, but these errors were encountered: