2 年之前 · 5fe955afee
--- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/web/OidcProviderConfigurationEndpointFilter.java
+++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/web/OidcProviderConfigurationEndpointFilter.java
@@ -109,6 +109,7 @@ public final class OidcProviderConfigurationEndpointFilter extends OncePerReques
 
				 				.tokenRevocationEndpointAuthenticationMethods(clientAuthenticationMethods())
			
 
				 				.tokenIntrospectionEndpoint(asUrl(issuer, authorizationServerSettings.getTokenIntrospectionEndpoint()))
			
 
				 				.tokenIntrospectionEndpointAuthenticationMethods(clientAuthenticationMethods())
			
 
				+				.codeChallengeMethod("S256")
			
 
				 				.subjectType("public")
			
 
				 				.idTokenSigningAlgorithm(SignatureAlgorithm.RS256.getName())
			
 
				 				.scope(OidcScopes.OPENID);
			
--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcProviderConfigurationTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcProviderConfigurationTests.java
@@ -141,6 +141,7 @@ public class OidcProviderConfigurationTests {
 
				 				jsonPath("$.introspection_endpoint_auth_methods_supported[1]").value(ClientAuthenticationMethod.CLIENT_SECRET_POST.getValue()),
			
 
				 				jsonPath("$.introspection_endpoint_auth_methods_supported[2]").value(ClientAuthenticationMethod.CLIENT_SECRET_JWT.getValue()),
			
 
				 				jsonPath("$.introspection_endpoint_auth_methods_supported[3]").value(ClientAuthenticationMethod.PRIVATE_KEY_JWT.getValue()),
			
 
				+				jsonPath("$.code_challenge_methods_supported[0]").value("S256"),
			
 
				 				jsonPath("subject_types_supported").value("public"),
			
 
				 				jsonPath("id_token_signing_alg_values_supported").value(SignatureAlgorithm.RS256.getName()),
			
 
				 				jsonPath("scopes_supported").value(OidcScopes.OPENID)
			
--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/oidc/web/OidcProviderConfigurationEndpointFilterTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/oidc/web/OidcProviderConfigurationEndpointFilterTests.java
@@ -131,6 +131,7 @@ public class OidcProviderConfigurationEndpointFilterTests {
 
				 		assertThat(providerConfigurationResponse).contains("\"revocation_endpoint_auth_methods_supported\":[\"client_secret_basic\",\"client_secret_post\",\"client_secret_jwt\",\"private_key_jwt\"]");
			
 
				 		assertThat(providerConfigurationResponse).contains("\"introspection_endpoint\":\"https://example.com/issuer1/oauth2/v1/introspect\"");
			
 
				 		assertThat(providerConfigurationResponse).contains("\"introspection_endpoint_auth_methods_supported\":[\"client_secret_basic\",\"client_secret_post\",\"client_secret_jwt\",\"private_key_jwt\"]");
			
 
				+		assertThat(providerConfigurationResponse).contains("\"code_challenge_methods_supported\":[\"S256\"]");
			
 
				 		assertThat(providerConfigurationResponse).contains("\"subject_types_supported\":[\"public\"]");
			
 
				 		assertThat(providerConfigurationResponse).contains("\"id_token_signing_alg_values_supported\":[\"RS256\"]");
			
 
				 		assertThat(providerConfigurationResponse).contains("\"userinfo_endpoint\":\"https://example.com/issuer1/userinfo\"");