oidc.rb in rodauth-oauth-0.9.2

- old
+ new

@@ -118,11 +118,12 @@
           if (algo = @oauth_application && @oauth_application[oauth_applications_userinfo_signed_response_alg_column])
             params = {
               jwks: oauth_application_jwks,
               encryption_algorithm: @oauth_application[oauth_applications_userinfo_encrypted_response_alg_column],
               encryption_method: @oauth_application[oauth_applications_userinfo_encrypted_response_enc_column]
-            }
+            }.compact
+
             jwt = jwt_encode(
               oidc_claims,
               signing_algorithm: algo,
               **params
             )
@@ -313,11 +314,11 @@
     end
 
     def create_oauth_grant(create_params = {})
       return super unless (nonce = param_or_nil("nonce"))
 
-      super(oauth_grants_nonce_column => nonce)
+      super(create_params.merge(oauth_grants_nonce_column => nonce))
     end
 
     def create_oauth_token_from_authorization_code(oauth_grant, create_params)
       return super unless oauth_grant[oauth_grants_nonce_column]
 
@@ -355,10 +356,11 @@
       params = {
         jwks: oauth_application_jwks,
         signing_algorithm: oauth_application[oauth_applications_id_token_signed_response_alg_column] || oauth_jwt_algorithm,
         encryption_algorithm: oauth_application[oauth_applications_id_token_encrypted_response_alg_column],
         encryption_method: oauth_application[oauth_applications_id_token_encrypted_response_enc_column]
-      }
+      }.compact
+
       oauth_token[:id_token] = jwt_encode(id_token_claims, **params)
     end
 
     # aka fill_with_standard_claims
     def fill_with_account_claims(claims, account, scopes)