hsiegeln 3a93b68ea5 fix: split JWK fetch (Docker-internal) from issuer validation (localhost) ...

crypto.subtle requires a secure context, so the browser must access
everything via localhost. The custom JwtDecoder already supports this
split: jwk-set-uri uses Docker-internal logto:3001 for network fetch,
while issuer-uri uses localhost:3001 for string-only claim validation.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-05 17:16:04 +02:00

7.2 KiB

Raw Blame History

View Raw