From a2601f1584a8017d908e5394b264aec7230aedf7 Mon Sep 17 00:00:00 2001
From: Livio Amstutz <livio.a@gmail.com>
Date: Fri, 23 Apr 2021 11:53:03 +0200
Subject: [PATCH] fix: return error when delegating user in jwt profile request
 (#94)

---
 pkg/op/verifier_jwt_profile.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/pkg/op/verifier_jwt_profile.go b/pkg/op/verifier_jwt_profile.go
index c417955..338e39a 100644
--- a/pkg/op/verifier_jwt_profile.go
+++ b/pkg/op/verifier_jwt_profile.go
@@ -69,6 +69,7 @@ func VerifyJWTAssertion(ctx context.Context, assertion string, v JWTProfileVerif
 
 	if request.Issuer != request.Subject {
 		//TODO: implement delegation (openid core / oauth rfc)
+		return nil, errors.New("delegation not yet implemented, issuer and sub must be identical")
 	}
 
 	keySet := &jwtProfileKeySet{v.Storage(), request.Issuer}