fosite icon indicating copy to clipboard operation
fosite copied to clipboard
verified publisher icon ory

feat: store JWT claims in access request

Open phooijenga opened this issue 10 months ago • 2 comments

Store the decoded JWT claims in the access request when performing an RFC 7523 request, so they can be inspected after validation.

Related Issue or Design Document

https://github.com/ory/hydra/pull/3949

Checklist

  • [x] I have read the contributing guidelines and signed the CLA.
  • [ ] I have referenced an issue containing the design document if my change introduces a new feature.
  • [x] I have read the security policy.
  • [x] I confirm that this pull request does not address a security vulnerability. If this pull request addresses a security vulnerability, I confirm that I got approval (please contact [email protected]) from the maintainers to push the changes.
  • [ ] I have added tests that prove my fix is effective or that my feature works.
  • [ ] I have added the necessary documentation within the code base (if appropriate).

Further comments

phooijenga avatar Feb 25 '25 21:02 phooijenga

Please rebase from latest master branch to fix CI issues.

mitar avatar Jul 01 '25 12:07 mitar

I am not completely sure you need this? I do ar.GetSession().(*OIDCSession).JWTClaims in my code (JWTClaims is where I store claims inside my OIDCSession implementation).

Example here and example here.

mitar avatar Jul 01 '25 12:07 mitar