diff --git a/src/client.rs b/src/client.rs index 8617a1b..a5c0e72 100644 --- a/src/client.rs +++ b/src/client.rs @@ -11,6 +11,7 @@ use crate::{ ResourceOwnerPassword, ResourceOwnerUsername, ResponseMode, ResponseType, RevocableToken, RevocationRequest, RevocationUrl, Scope, SubjectIdentifier, SubjectIdentifierType, TokenIntrospectionResponse, TokenResponse, TokenUrl, UserInfoRequest, UserInfoUrl, + UserInfoVerifier, }; use std::marker::PhantomData; @@ -661,6 +662,20 @@ where verifier } } + + /// Return an user info verifier for use with the [`UserInfoJsonWebToken::claims`](crate::UserInfoJsonWebToken::claims) + /// method. + pub fn user_info_verifier( + &self, + expected_subject: Option, + ) -> UserInfoVerifier { + UserInfoVerifier::new( + self.client_id.clone(), + self.issuer.clone(), + self.jwks.clone(), + expected_subject, + ) + } } /// Methods requiring an authorization endpoint. diff --git a/src/user_info.rs b/src/user_info.rs index be4b94b..c71a974 100644 --- a/src/user_info.rs +++ b/src/user_info.rs @@ -95,12 +95,7 @@ where access_token, require_signed_response: false, response_type: UserInfoResponseType::Json, - signed_response_verifier: UserInfoVerifier::new( - self.client_id.clone(), - self.issuer.clone(), - self.jwks.clone(), - expected_subject, - ), + signed_response_verifier: self.user_info_verifier(expected_subject), } } } @@ -116,7 +111,7 @@ where pub(crate) url: &'a UserInfoUrl, pub(crate) access_token: AccessToken, pub(crate) require_signed_response: bool, - pub(crate) signed_response_verifier: UserInfoVerifier<'static, JE, K>, + pub(crate) signed_response_verifier: UserInfoVerifier<'a, JE, K>, pub(crate) response_type: UserInfoResponseType, } impl<'a, JE, K> UserInfoRequest<'a, JE, K>