fix: allow other target urls as audience, not just token_endpoint

tronghn · tronghn · commit 71e81342677a · 2025-06-05T14:06:36.000+02:00
This fixes an unintentional breaking change introduced in 62a5bad.
diff --git a/src/main/kotlin/no/nav/security/mock/oauth2/http/OAuth2HttpRequest.kt b/src/main/kotlin/no/nav/security/mock/oauth2/http/OAuth2HttpRequest.kt
@@ -39,7 +39,7 @@ data class OAuth2HttpRequest(
                 clientAuthentication.requirePrivateKeyJwt(
                     requiredAudience = this.url.toIssuerUrl().toString(),
                     maxLifetimeSeconds = 120,
-                    additionalAcceptedAudience = this.url.toTokenEndpointUrl().toString(),
+                    additionalAcceptedAudience = this.url.toString(),
                 )
         }
         val tokenExchangeGrant = TokenExchangeGrant.parse(formParameters.map)

Original file line number	Diff line number	Diff line change
`@@ -39,7 +39,7 @@ data class OAuth2HttpRequest(`
`39`	`39`	`clientAuthentication.requirePrivateKeyJwt(`
`40`	`40`	`requiredAudience = this.url.toIssuerUrl().toString(),`
`41`	`41`	`maxLifetimeSeconds = 120,`
`42`		`- additionalAcceptedAudience = this.url.toTokenEndpointUrl().toString(),`
	`42`	`+ additionalAcceptedAudience = this.url.toString(),`
`43`	`43`	`)`
`44`	`44`	`}`
`45`	`45`	`val tokenExchangeGrant = TokenExchangeGrant.parse(formParameters.map)`