Tree:
aa93d7111e
dev
rel/7.2.0
1.0.0
1.0.0-rc1
1.0.0-rc2
1.0.0-rc3
2.0.0
2.0.0-rc1
2.0.0-rc2
2.0.0-rc3
2.0.1
3.0.0
3.0.0-beta1
3.0.0-beta2
3.0.0-beta3
3.0.0-beta4
3.0.0-beta5
3.0.0-beta6
3.0.0-rc1
3.0.0-rc2
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.1.0
3.1.1
4.0.0
4.0.0-preview1
4.0.0-preview2
4.0.0-preview3
4.0.0-preview4
4.0.0-preview5
4.0.0-preview6
4.0.0-rc1
4.0.0-rc2
4.1.0
4.10.0
4.10.1
4.2.0
4.3.0
4.4.0
4.5.0
4.6.0
4.7.0
4.8.0
4.9.0
5.0.0
5.0.0-preview1
5.0.0-preview2
5.0.0-preview3
5.0.0-rc1
5.0.1
5.1.0
5.2.0
5.3.0
5.4.0
5.5.0
5.6.0
5.7.0
5.7.1
5.8.0
6.0.0
6.0.0-preview1
6.0.0-preview2
6.0.0-preview3
6.0.0-preview4
6.0.0-rc1
6.1.0
6.1.1
6.2.0
6.2.1
6.3.0
6.4.0
7.0.0
7.0.0-preview.1
7.0.0-preview.2
7.0.0-preview.3
7.0.0-preview.4
7.1.0
7.2.0
${ noResults }
1 Commits (aa93d7111e9b03ec603254146ff4202f49d90780)
| Author | SHA1 | Message | Date |
|---|---|---|---|
Thor Arne Johansen
|
aa93d7111e |
Fix CIMD token exchange by moving fetch handler to ProcessAuthenticationContext
The CIMD metadata document fetch was running in the outer ValidateAuthorizationRequestContext pipeline, which only covers the authorize endpoint. During token exchange, ValidateClientType runs inside ProcessAuthenticationContext (before the outer pipeline handler) and calls FindByClientIdAsync — which returns null because the CIMD context was never populated for that request. Move FetchClientIdMetadataDocument to target ProcessAuthenticationContext with order between ValidateClientId and ValidateClientType. This ensures the CIMD document is fetched for all endpoint types (authorize, token, etc.) before the client type validation occurs. |
1 week ago |