feat: implement jwks_uri handler in oidc discovery (#334)

Signed-off-by: Товарищ <2962928213@qq.com>
2025-07-03 12:30:19 +08:00 · 2021-11-22 17:47:44 +08:00
parent 44b59d866a
commit bddd57cda8
6 changed files with 36 additions and 1 deletions
--- a/object/oidc_discovery.go
+++ b/object/oidc_discovery.go
@ -15,8 +15,12 @@
 package object

 import (
+	"crypto/x509"
+	"encoding/pem"
 	"fmt"

+	jose "gopkg.in/square/go-jose.v2"
+
 	"github.com/astaxie/beego"
 )

@ -68,3 +72,20 @@ func init() {
 func GetOidcDiscovery() OidcDiscovery {
 	return oidcDiscovery
 }
+
+func GetJSONWebKeySet() (jose.JSONWebKeySet, error) {
+	//follows the protocol rfc 7517(draft)
+	//link here: https://self-issued.info/docs/draft-ietf-jose-json-web-key.html
+	//or https://datatracker.ietf.org/doc/html/draft-ietf-jose-json-web-key
+	certPEMBlock := []byte(tokenJwtPublicKey)
+	certDERBlock, _ := pem.Decode(certPEMBlock)
+	x509Cert, _ := x509.ParseCertificate(certDERBlock.Bytes)
+
+	var jwk jose.JSONWebKey
+	jwk.Key = x509Cert.PublicKey
+	jwk.Certificates = []*x509.Certificate{x509Cert}
+
+	var jwks jose.JSONWebKeySet
+	jwks.Keys = []jose.JSONWebKey{jwk}
+	return jwks, nil
+}