ARC-1269: Minor Fixes after Integration Tests (#23)

ehealthid-rp/src/main/java/com/oviva/ehealthid/relyingparty/ConfigReader.java

@@ -72,8 +72,12 @@ public Config read() {
             .appName(appName)
             .federationMaster(fedmaster)
             .entitySigningKey(federationSigJwksPath.getKeys().get(0).toECKey())
+
+            // safety, remove the private key as we don't need it here
             .entitySigningKeys(federationSigJwksPath.toPublicJWKSet())
-            .relyingPartyEncKeys(federationEncJwksPath.toPublicJWKSet())
+
+            // _MUST NOT_ be public. We need it for decryption.
+            .relyingPartyEncKeys(federationEncJwksPath)
             .ttl(entityStatementTtl)
             .scopes(getScopes())
             .redirectUris(List.of(baseUri.resolve("/auth/callback").toString()))

ehealthid-rp/src/main/java/com/oviva/ehealthid/relyingparty/ws/OpenIdEndpoint.java

@@ -35,7 +35,7 @@ public Response openIdConfiguration() {
         new OpenIdConfiguration(
             baseUri.toString(),
             baseUri.resolve("/auth").toString(),
-            baseUri.resolve("/token").toString(),
+            baseUri.resolve("/auth/token").toString(),
             baseUri.resolve("/jwks.json").toString(),
             List.of("openid"),
             relyingPartyConfig.supportedResponseTypes(),

ehealthid-rp/src/test/java/com/oviva/ehealthid/relyingparty/ws/OpenIdEndpointTest.java

@@ -33,7 +33,7 @@ void openIdConfiguration() {
     assertEquals(BASE_URI.toString(), body.issuer());
     assertEquals(BASE_URI.resolve("/auth").toString(), body.authorizationEndpoint());
     assertEquals(BASE_URI.resolve("/jwks.json").toString(), body.jwksUri());
-    assertEquals(BASE_URI.resolve("/token").toString(), body.tokenEndpoint());
+    assertEquals(BASE_URI.resolve("/auth/token").toString(), body.tokenEndpoint());
     assertEquals(List.of("ES256"), body.idTokenSigningAlgValuesSupported());
   }