Hi, I would like to explain the way the JWK set has been generated to validate the ID Token received from the token endpoint of WSO2 IS in the implementation of tomcat extension of OpenID Connect.
As currently the IS uses a single set of JWK, The public key type, modulus and exponent are taken from the client-truststore.jks certificate. algorithm = RS256 x5t = NmJmOGUxMzZlYjM2ZDRhNTZlYTA1YzdhZTRiOWE0NWI2M2JmOTc1ZA key_ID = d0ec514a32b6f88c0abd12a2840699bdd3deba9d These values are generated as a json object and created a JWK set using Nimbus class JWK <http://com.nimbusds.jose.jwk.JWK> and used to validate the ID Token using the class IDTokenValidator <http://com.nimbusds.openid.connect.sdk.validators.IDTokenValidator>. Thank you. -- T. Abilashini Intern Software Engineering WSO2 Inc. http://wso2.com/ Phone +94 719248432
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
