From 506ac3b338e47374a88acab668a133664a923c59 Mon Sep 17 00:00:00 2001 From: Jonathan Daggerhart Date: Fri, 29 May 2015 15:29:09 -0400 Subject: [PATCH] fixing bad identity_key check --- openid-connect-generic.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openid-connect-generic.php b/openid-connect-generic.php index bb1425d..2468b34 100644 --- a/openid-connect-generic.php +++ b/openid-connect-generic.php @@ -247,7 +247,7 @@ class OpenID_Connect_Generic { $user_claim = json_decode( $user_claim_result['body'], true ); // make sure the id_token sub === user_claim sub, according to spec - if ( $id_token_claim['sub'] !== $user_claim['sub'] ) { + if ( $id_token_claim[ $settings['identity_key'] ] !== $user_claim['sub'] ) { $this->error_redirect( 4 ); }