From 36f5de32030bb162e278791c828f87f28f07bd34 Mon Sep 17 00:00:00 2001
From: DacongDA <dacongda1@sina.com>
Date: Mon, 28 Apr 2025 09:31:56 +0800
Subject: [PATCH] feat: allow jwks to include the certs from non-admin owner
 (#3749)

---
 object/cert.go           | 6 +++++-
 object/oidc_discovery.go | 2 +-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/object/cert.go b/object/cert.go
index 54f5de7e..3d9fd55c 100644
--- a/object/cert.go
+++ b/object/cert.go
@@ -63,7 +63,11 @@ func GetCertCount(owner, field, value string) (int64, error) {
 
 func GetCerts(owner string) ([]*Cert, error) {
 	certs := []*Cert{}
-	err := ormer.Engine.Where("owner = ? or owner = ? ", "admin", owner).Desc("created_time").Find(&certs, &Cert{})
+	db := ormer.Engine.NewSession()
+	if owner != "" {
+		db = db.Where("owner = ? or owner = ? ", "admin", owner)
+	}
+	err := db.Desc("created_time").Find(&certs, &Cert{})
 	if err != nil {
 		return certs, err
 	}
diff --git a/object/oidc_discovery.go b/object/oidc_discovery.go
index 42438452..9c21aa10 100644
--- a/object/oidc_discovery.go
+++ b/object/oidc_discovery.go
@@ -138,7 +138,7 @@ func GetOidcDiscovery(host string) OidcDiscovery {
 
 func GetJsonWebKeySet() (jose.JSONWebKeySet, error) {
 	jwks := jose.JSONWebKeySet{}
-	certs, err := GetCerts("admin")
+	certs, err := GetCerts("")
 	if err != nil {
 		return jwks, err
 	}