From a34b1412ed85366c9a4b7ff3c141a9dde8349147 Mon Sep 17 00:00:00 2001
From: James Elliott <james-d-elliott@users.noreply.github.com>
Date: Sat, 15 Apr 2023 20:55:38 +1000
Subject: [PATCH] feat(oidc): client_secret_jwt authentication

This adds the authentication machinery for the client_secret_jwt Default Client Authentication Strategy.

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
---
 internal/configuration/validator/identity_providers_test.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/internal/configuration/validator/identity_providers_test.go b/internal/configuration/validator/identity_providers_test.go
index e00b76141..edd438b32 100644
--- a/internal/configuration/validator/identity_providers_test.go
+++ b/internal/configuration/validator/identity_providers_test.go
@@ -1884,11 +1884,11 @@ func TestValidateOIDCClients(t *testing.T) {
 			"ShouldRaiseErrorOnInvalidTokenAuthAlgClientTypeConfidential",
 			func(have *schema.OpenIDConnectConfiguration) {
 				have.Clients[0].TokenEndpointAuthMethod = oidc.ClientAuthMethodClientSecretJWT
-				have.Clients[0].TokenEndpointAuthSigningAlg = "abcinvalid"
+				have.Clients[0].TokenEndpointAuthSigningAlg = "abc"
 				have.Clients[0].Secret = MustDecodeSecret("$plaintext$abc123")
 			},
 			func(t *testing.T, have *schema.OpenIDConnectConfiguration) {
-				assert.Equal(t, "abcinvalid", have.Clients[0].TokenEndpointAuthSigningAlg)
+				assert.Equal(t, "abc", have.Clients[0].TokenEndpointAuthSigningAlg)
 			},
 			tcv{
 				nil,