From c8e1b02c6c53e459c1f975cebb3ee2e0ffc44431 Mon Sep 17 00:00:00 2001
From: Wesley Fantinel <wesley.fantinel@gmail.com>
Date: Thu, 9 Jul 2020 09:48:04 -0300
Subject: [PATCH 1/2] adds audience into Extra at oauth2 introspection

---
 pipeline/authn/authenticator_oauth2_introspection.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pipeline/authn/authenticator_oauth2_introspection.go b/pipeline/authn/authenticator_oauth2_introspection.go
index 8ffe319985..9941a7b7d0 100644
--- a/pipeline/authn/authenticator_oauth2_introspection.go
+++ b/pipeline/authn/authenticator_oauth2_introspection.go
@@ -204,6 +204,10 @@ func (a *AuthenticatorOAuth2Introspection) Authenticate(r *http.Request, session
 		i.Extra["client_id"] = i.ClientID
 		i.Extra["scope"] = i.Scope
 
+		if len(i.Audience) != 0 {
+			i.Extra["aud"] = strings.Join(i.Audience, " ")
+		}
+
 		a.tokenToCache(cf, i, token)
 	}
 

From 1eccd25b4dbc1df8451a592a7826ba0d4e1f6432 Mon Sep 17 00:00:00 2001
From: hackerman <3372410+aeneasr@users.noreply.github.com>
Date: Fri, 23 Apr 2021 10:04:41 +0200
Subject: [PATCH 2/2] Update
 pipeline/authn/authenticator_oauth2_introspection.go

---
 pipeline/authn/authenticator_oauth2_introspection.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pipeline/authn/authenticator_oauth2_introspection.go b/pipeline/authn/authenticator_oauth2_introspection.go
index 9941a7b7d0..e0c3f4a565 100644
--- a/pipeline/authn/authenticator_oauth2_introspection.go
+++ b/pipeline/authn/authenticator_oauth2_introspection.go
@@ -205,7 +205,7 @@ func (a *AuthenticatorOAuth2Introspection) Authenticate(r *http.Request, session
 		i.Extra["scope"] = i.Scope
 
 		if len(i.Audience) != 0 {
-			i.Extra["aud"] = strings.Join(i.Audience, " ")
+			i.Extra["aud"] = i.Audience
 		}
 
 		a.tokenToCache(cf, i, token)