feat: support minio (#418)

Signed-off-by: abingcbc <abingcbc626@gmail.com>
2025-05-23 02:35:49 +08:00 · 2022-01-13 21:48:00 +08:00 · 2022-01-13 21:48:00 +08:00 · fe48c38bc6
commit fe48c38bc6
parent 1be777c08f
2 changed files with 5 additions and 0 deletions
--- a/object/oidc_discovery.go
+++ b/object/oidc_discovery.go
@ -85,6 +85,7 @@ func GetJsonWebKeySet() (jose.JSONWebKeySet, error) {
 	var jwk jose.JSONWebKey
 	jwk.Key = x509Cert.PublicKey
 	jwk.Certificates = []*x509.Certificate{x509Cert}
+	jwk.KeyID = cert.Name

 	var jwks jose.JSONWebKeySet
 	jwks.Keys = []jose.JSONWebKey{jwk}
--- a/object/token_jwt.go
+++ b/object/token_jwt.go
@ -26,6 +26,7 @@ import (
 type Claims struct {
 	*User
 	Nonce string `json:"nonce,omitempty"`
+	Tag   string `json:"tag,omitempty"`
 	jwt.RegisteredClaims
 }

@ -67,6 +68,8 @@ func generateJwtToken(application *Application, user *User, nonce string) (strin
 	claims := Claims{
 		User:  user,
 		Nonce: nonce,
+		// FIXME: A workaround for custom claim by reusing `tag` in user info
+		Tag: user.Tag,
 		RegisteredClaims: jwt.RegisteredClaims{
 			Issuer:    beego.AppConfig.String("origin"),
 			Subject:   user.Id,
@ -102,6 +105,7 @@ func generateJwtToken(application *Application, user *User, nonce string) (strin
 		return "", "", err
 	}

+	token.Header["kid"] = cert.Name
 	tokenString, err := token.SignedString(key)
 	if err != nil {
 		return "", "", err