From e3bd834b85e1945918919b3ab6644dff03ed9e5f Mon Sep 17 00:00:00 2001
From: Stavros <steveiliop56@gmail.com>
Date: Sun, 8 Mar 2026 11:38:58 +0200
Subject: [PATCH] fix: support pkix public keys in oidc

---
 internal/service/oidc_service.go | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/internal/service/oidc_service.go b/internal/service/oidc_service.go
index 4aaca14..5f62eb3 100644
--- a/internal/service/oidc_service.go
+++ b/internal/service/oidc_service.go
@@ -204,11 +204,22 @@ func (service *OIDCService) Init() error {
 		if block == nil {
 			return errors.New("failed to decode public key")
 		}
-		publicKey, err := x509.ParsePKCS1PublicKey(block.Bytes)
-		if err != nil {
-			return err
+		switch block.Type {
+		case "RSA PRIVATE KEY":
+			publicKey, err := x509.ParsePKCS1PublicKey(block.Bytes)
+			if err != nil {
+				return err
+			}
+			service.publicKey = publicKey
+		case "PUBLIC KEY":
+			publicKey, err := x509.ParsePKIXPublicKey(block.Bytes)
+			if err != nil {
+				return err
+			}
+			service.publicKey = publicKey.(crypto.PublicKey)
+		default:
+			return errors.New("unsupported public key type")
 		}
-		service.publicKey = publicKey
 	}
 
 	// We will reorganize the client into a map with the client ID as the key