From 16e51b2f9b7e829dc4f0e9ba6ae5f71c5d70030f Mon Sep 17 00:00:00 2001 From: Yohanes Gultom Date: Thu, 16 May 2024 07:48:47 +0700 Subject: [PATCH 1/2] Update README.md --- README.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/README.md b/README.md index 6515448..2bf3eb9 100644 --- a/README.md +++ b/README.md @@ -88,6 +88,15 @@ class IdentityEntity implements IdentityEntityInterface } ``` +### 3.) Update authorization view + +Ensure the `nonce` is passed as query parameter to `passport.authorizations.approve`. + +Example based on default Passport's `authorize.blade.php`: +``` +
+``` + ### The id token is a JWT and the client should verify the signature. Here is an example to verify the signature with lcobucci/jwt From d8b0f674623e28be59d438c2fc3b1c73c25b0c80 Mon Sep 17 00:00:00 2001 From: Yohanes Gultom Date: Thu, 16 May 2024 17:49:25 +0700 Subject: [PATCH 2/2] Update README.md --- README.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 2bf3eb9..8b3c9d9 100644 --- a/README.md +++ b/README.md @@ -88,15 +88,6 @@ class IdentityEntity implements IdentityEntityInterface } ``` -### 3.) Update authorization view - -Ensure the `nonce` is passed as query parameter to `passport.authorizations.approve`. - -Example based on default Passport's `authorize.blade.php`: -``` - -``` - ### The id token is a JWT and the client should verify the signature. Here is an example to verify the signature with lcobucci/jwt @@ -120,6 +111,15 @@ In case you want to change the default scopes, add custom claim sets or change t php artisan vendor:publish --tag=openid ``` +### Using nonce + +When `nonce` is required, you need to pass it as a query parameter to `passport.authorizations.approve` during authorization step. + +Example based on default Passport's `authorize.blade.php`: +``` + +``` + ### Optional Configuration You can add any JWT Token Headers that you want to the `token_headers` array in your `openid` configuration file.