Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-13436

userinfo_signing_alg_values_supported not populated in the well-known

    Details

    • Needs backport:
      Yes

      Description

      Bug description

      Similar to OPENAM-13434 but for userinfo_signing_alg_values_supported

      userinfo_signing_alg_values_supported
      OPTIONAL. JSON array containing a list of the JWS [JWS] signing algorithms (alg values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT]. The value none MAY be included.
      

      Optional doesn't mean we don't have to implement it, it means if it's empty, it's because the user info can't be signed. It's not the case of AM, we do support this feature.

       

      This is also applicable for 'userinfo_encryption_alg_values_supported' and 'userinfo_encryption_enc_values_supported'.

      How to reproduce the issue

      call the wellknown:
      https://as.aspsp.ob.forgerock.financial/oauth2/.well-known/openid-configuration

      Expected behaviour
      USER INFO SIGNING ALG SUPPORTED
      
      Current behaviour
      Empty
      

      In my OB setup, I would expect AM to return ["RS256","PS256"]

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                david.luna@forgerock.com David Luna
                Reporter:
                quentin.castel Quentin CASTEL [X] (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: