keystore after creating Client object via registration client uri

[mogeda]

I'm having a problem with Client.authorizationCallback for a specific client. The test client was registered via /reg API successfully to the provider which is basically oidc-provider module, I created a Client object by fromUri without a problem.

Tracing with debug log shows that the server side returned all data including id_token encrypted. It looks Client.decryptIdToken is failing with missing keystore in Client.

The other test client without id_token encryption option has no problem. Here a part of metadata for the client which has a problem, FYI. Please advise on this. Thanks.

"id_token_encrypted_response_alg" : "RSA1_5",
"jwks" : {
    "keys" : [ 
        {
            "kty" : "RSA",
            "kid" : "by8d5ZH8nCeQVVNfLRYXsyFWz-CQKiMIl3vcg6lyp1E",
            "e" : "AQAB",
            "n" : "igpjcaxuJwtX_TOQjHjQmLoSm8d9JS5UhkBtWb37_YFFdTDelZ8YbmrinqGR2GHsn8ZAasT4Y-wtrg6_NMvb2B3P4GDJZ5nbYBJmDkvpiCjM63M46Lm89RJ8STFAuxdVoUolBtxHtCVixHJh95BIHbMApaRJxpBF-dbvwU0n6WF6IOJLVipKfwZ70vgvu35_bwCVSk8SVq4ok9gVc6DsnxfP_6SuRPxJreYzxfjY4xT5emDw9dPF1zGFp8EQ5O-xAyeYrsGlfpIm0iM3E63DPOGEEZt8qjR0tPDF1t7x_5R2ZVkQ2p-MOd5kg2wKY-LjfOMoP0YlXUgE0yC7TaQmWw"
        }
    ]
},
"id_token_encrypted_response_enc" : "A128CBC-HS256",

[panva]

Looks fromUri does not support to pass in the keystore with private keys unlike the regular contructor or register does and of course the public keys the provider has and maybe? not sure, returns are not enough to decrypt.

Just instantiate your client using new and pass it the keystore with your private keys you used during register.

[panva]

fromUri now also accepts keystore argument. See v1.13.0 changelog.

[mogeda]

pulled new version and validated. thanks so much!