Don't set our TokenURL - we don't need it right now
TokenURL is used by Fosite to validate clients authenticating with the private_key_jwt method. We don't have any use for this right now, so just leave this blank until we need it. See when Ryan brought this up in https://github.com/vmware-tanzu/pinniped/pull/239#discussion_r528022162. Signed-off-by: Andrew Keesler <akeesler@vmware.com>
This commit is contained in:
parent
03806629b8
commit
37631b41ea
@ -105,7 +105,6 @@ func FositeOauth2Helper(
|
||||
RefreshTokenLifespan: 16 * time.Hour, // long enough for a single workday
|
||||
|
||||
IDTokenIssuer: issuer,
|
||||
TokenURL: "", // TODO set once we have this endpoint written
|
||||
|
||||
ScopeStrategy: fosite.ExactScopeStrategy, // be careful and only support exact string matching for scopes
|
||||
AudienceMatchingStrategy: nil, // I believe the default is fine
|
||||
|
Loading…
Reference in New Issue
Block a user