Preflight checklist
Ory Network Project
No response
Describe the bug
In this discussion I realized that id_token_hint is persisted to the storage in Fosite and it probably should not be. I think subject from the id_token_hint should be extracted early and only subject should be stored in the session, not the whole id_token_hint.
Reproducing the bug
Looking at the code here: https://github.com/ory/fosite/blob/master/handler/openid/flow_explicit_auth.go#L29-L35
Relevant log output
No response
Relevant configuration
No response
Version
latest master
On which operating system are you observing this issue?
None
In which environment are you deploying?
None
Additional Context
No response
Preflight checklist
Ory Network Project
No response
Describe the bug
In this discussion I realized that
id_token_hintis persisted to the storage in Fosite and it probably should not be. I think subject from theid_token_hintshould be extracted early and only subject should be stored in the session, not the wholeid_token_hint.Reproducing the bug
Looking at the code here: https://github.com/ory/fosite/blob/master/handler/openid/flow_explicit_auth.go#L29-L35
Relevant log output
No response
Relevant configuration
No response
Version
latest master
On which operating system are you observing this issue?
None
In which environment are you deploying?
None
Additional Context
No response