llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-03 20:50:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

Only consider x509 certs in /.well-known/jwks API

Browse Source
This commit is contained in:
Yang Luo
2023-07-12 22:39:39 +08:00
parent 0d48da24dc
commit caec1d1bac
3 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
object/oidc_discovery.go
View File

@ -123,6 +123,10 @@ func GetJsonWebKeySet() (jose.JSONWebKeySet, error) {
// link here: https://self-issued.info/docs/draft-ietf-jose-json-web-key.html
// or https://datatracker.ietf.org/doc/html/draft-ietf-jose-json-web-key
for _, cert := range certs {
if cert.Type != "x509" {
continue
}
certPemBlock := []byte(cert.Certificate)
certDerBlock, _ := pem.Decode(certPemBlock)
x509Cert, _ := x509.ParseCertificate(certDerBlock.Bytes)