#340 providers/openidc: Do not stringify empty array for 'amr' when setting up auth response
Merged 16 days ago by ngompa. Opened 16 days ago by ngompa.
ngompa/ipsilon oidc-amr-json  into  master

@@ -503,7 +503,7 @@ 

              if 'nonce' in request:

                  id_token['nonce'] = request['nonce']

              id_token['acr'] = '0'

-             id_token['amr'] = json.dumps([])

+             id_token['amr'] = []
simo commented 16 days ago

Is this 'amr' even used? I see no other reference in the file.

              id_token['azp'] = request['client_id']

  

              if 'code' in response:

We transform the whole authentication response dictionary into JSON later on, so
we do not need to do it while building the dictionary.

Fixes #339

Signed-off-by: Neal Gompa ngompa13@gmail.com

@simo, could you please review this?

Is this 'amr' even used? I see no other reference in the file.

Unfortunately I do not remember much of this provider, so I cannot say if this change is correct, it will change the serialization though. Are there any tests that verify this change is ok?

Ah I read #339 now ... so there is in field proof this is wrong.

LGTM

@simo We need to fix the test suite and get it running again in CI. Changes are scary without it...

Pull-Request has been merged by ngompa

16 days ago
Metadata