diff --git a/lib/onc_certification_g10_test_kit/authorization_request_builder.rb b/lib/onc_certification_g10_test_kit/authorization_request_builder.rb index 9b1695ca..0835f6f4 100644 --- a/lib/onc_certification_g10_test_kit/authorization_request_builder.rb +++ b/lib/onc_certification_g10_test_kit/authorization_request_builder.rb @@ -25,7 +25,7 @@ def initialize( client_assertion_type: 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer', exp: 5.minutes.from_now, jti: SecureRandom.hex(32), - kid: + kid: nil ) @encryption_method = encryption_method @scope = scope diff --git a/lib/onc_certification_g10_test_kit/bulk_data_authorization.rb b/lib/onc_certification_g10_test_kit/bulk_data_authorization.rb index 24a27dcf..033e9533 100644 --- a/lib/onc_certification_g10_test_kit/bulk_data_authorization.rb +++ b/lib/onc_certification_g10_test_kit/bulk_data_authorization.rb @@ -41,7 +41,10 @@ class BulkDataAuthorization < Inferno::TestGroup } input :bulk_jwks_kid, title: 'Bulk Data JWKS kid', - description: 'The key ID of the JWKS private key to use for signing the client assertion when fetching an auth token. Defaults to the first JWK in the list if no kid is supplied.', + description: <<~DESCRIPTION, + The key ID of the JWKS private key to use for signing the client assertion when fetching an auth token. + Defaults to the first JWK in the list if no kid is supplied. + DESCRIPTION optional: true output :bearer_token @@ -161,7 +164,8 @@ class BulkDataAuthorization < Inferno::TestGroup scope: bulk_scope, iss: 'not_a_valid_iss', sub: bulk_client_id, - aud: bulk_token_endpoint) + aud: bulk_token_endpoint, + kid: bulk_jwks_kid) post(**{ client: :token_endpoint }.merge(post_request_content))