barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2026-03-05 06:12:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: include kid in jwks response

Browse Source
This commit is contained in:
Stavros
2026-03-03 22:45:24 +02:00
parent 189ad7115a
commit de980815ce
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
internal/service/oidc_service.go
View File

@@ -8,6 +8,7 @@ import (
"crypto/sha256" "crypto/sha256"
"crypto/x509" "crypto/x509"
"database/sql" "database/sql"
"encoding/base64"
"encoding/json" "encoding/json"
"encoding/pem" "encoding/pem"
"errors" "errors"
@@ -665,10 +666,21 @@ func (service *OIDCService) Cleanup() {
} }
func (service *OIDCService) GetJWK() ([]byte, error) { func (service *OIDCService) GetJWK() ([]byte, error) {
hasher := sha256.New()
der := x509.MarshalPKCS1PublicKey(&service.privateKey.PublicKey)
if der == nil {
return nil, errors.New("failed to marshal public key")
}
hasher.Write(der)
jwk := jose.JSONWebKey{ jwk := jose.JSONWebKey{
Key: service.privateKey, Key: service.privateKey,
Algorithm: string(jose.RS256), Algorithm: string(jose.RS256),
Use: "sig", Use: "sig",
KeyID: base64.URLEncoding.EncodeToString(hasher.Sum(nil)),
} }
return jwk.Public().MarshalJSON() return jwk.Public().MarshalJSON()