user info endpoint response uses correct client algorithms, addresses mitreid-connect#921

Author: jricher

openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoJwtView.java

@@ -99,8 +99,8 @@ protected void writeOut(JsonObject json, Map<String, Object> model,
 claims.setJWTID(UUID.randomUUID().toString()); // set a random NONCE in the middle of it
 
 
-if (client.getIdTokenEncryptedResponseAlg() != null && !client.getIdTokenEncryptedResponseAlg().equals(Algorithm.NONE)
-&& client.getIdTokenEncryptedResponseEnc() != null && !client.getIdTokenEncryptedResponseEnc().equals(Algorithm.NONE)
+if (client.getUserInfoEncryptedResponseAlg() != null && !client.getUserInfoEncryptedResponseAlg().equals(Algorithm.NONE)
+&& client.getUserInfoEncryptedResponseEnc() != null && !client.getUserInfoEncryptedResponseEnc().equals(Algorithm.NONE)
 && !Strings.isNullOrEmpty(client.getJwksUri())) {
 
 // encrypt it to the client's key
@@ -109,7 +109,7 @@ protected void writeOut(JsonObject json, Map<String, Object> model,
 
 if (encrypter != null) {
 
-EncryptedJWT encrypted = new EncryptedJWT(new JWEHeader(client.getIdTokenEncryptedResponseAlg(), client.getIdTokenEncryptedResponseEnc()), claims);
+EncryptedJWT encrypted = new EncryptedJWT(new JWEHeader(client.getUserInfoEncryptedResponseAlg(), client.getUserInfoEncryptedResponseEnc()), claims);
 
 encrypter.encryptJwt(encrypted);