_Bastler/we.bstly-back
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

add id_token_signing_alg_values_supported to OIDC discovery

Browse Source
This commit is contained in:
_Bastler
2025-05-11 12:26:30 +02:00
parent 88ebefb283
commit ff38b12fa9
3 changed files with 19 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
oidc/src/main/java/de/bstly/we/oidc/controller/OidcDiscoveryController.java
+9
View File
@@ -16,9 +16,13 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController; import org.springframework.web.bind.annotation.RestController;
import com.google.common.collect.Sets; import com.google.common.collect.Sets;
import com.nimbusds.jose.JWSAlgorithm;
import de.bstly.we.controller.support.EntityResponseStatusException; import de.bstly.we.controller.support.EntityResponseStatusException;
import de.bstly.we.jwt.businesslogic.JwtKeyManager;
import de.bstly.we.jwt.model.JwtKey;
import de.bstly.we.oidc.businesslogic.OidcClientManager; import de.bstly.we.oidc.businesslogic.OidcClientManager;
import de.bstly.we.oidc.businesslogic.OidcTokenManager;
import de.bstly.we.oidc.controller.model.OidcConfiguration; import de.bstly.we.oidc.controller.model.OidcConfiguration;
/** /**
@@ -30,6 +34,8 @@ public class OidcDiscoveryController {
@Autowired @Autowired
private OidcClientManager oidcClientManager; private OidcClientManager oidcClientManager;
@Autowired
private JwtKeyManager jwtKeyManager;
/** /**
* Gets the configuration. * Gets the configuration.
@@ -43,6 +49,8 @@ public class OidcDiscoveryController {
OidcConfiguration config = new OidcConfiguration(); OidcConfiguration config = new OidcConfiguration();
String issuer = oidcClientManager.getIssuer(request); String issuer = oidcClientManager.getIssuer(request);
JwtKey jwtKey = jwtKeyManager.getLatest(OidcTokenManager.OIDC_JWT_KEY_NAME, false);
JWSAlgorithm algorithm = jwtKeyManager.getJwsAlgorithm(jwtKey);
config.setIssuer(issuer); config.setIssuer(issuer);
config.setScopes_supported(Sets.newHashSet("openid")); config.setScopes_supported(Sets.newHashSet("openid"));
@@ -50,6 +58,7 @@ public class OidcDiscoveryController {
config.setGrant_types_supported(Sets.newHashSet("authorization_code")); config.setGrant_types_supported(Sets.newHashSet("authorization_code"));
config.setToken_endpoint_auth_methods_supported(Sets.newHashSet("client_secret_post", "client_secret_basic")); config.setToken_endpoint_auth_methods_supported(Sets.newHashSet("client_secret_post", "client_secret_basic"));
config.setSubject_types_supported(Sets.newHashSet("public")); config.setSubject_types_supported(Sets.newHashSet("public"));
config.setId_token_signing_alg_values_supported(Sets.newHashSet(algorithm.getName()));
try { try {
config.setAuthorization_endpoint(new URI(issuer + "/oidc/authorize")); config.setAuthorization_endpoint(new URI(issuer + "/oidc/authorize"));
oidc/src/main/java/de/bstly/we/oidc/controller/model/OidcConfiguration.java
+9
View File
@@ -21,6 +21,7 @@ public class OidcConfiguration {
private Set<String> subject_types_supported; private Set<String> subject_types_supported;
private Set<String> grant_types_supported; private Set<String> grant_types_supported;
private Set<String> token_endpoint_auth_methods_supported; private Set<String> token_endpoint_auth_methods_supported;
private Set<String> id_token_signing_alg_values_supported;
/** /**
* Gets the issuer. * Gets the issuer.
@@ -203,4 +204,12 @@ public class OidcConfiguration {
this.token_endpoint_auth_methods_supported = token_endpoint_auth_methods_supported; this.token_endpoint_auth_methods_supported = token_endpoint_auth_methods_supported;
} }
public Set<String> getId_token_signing_alg_values_supported() {
return id_token_signing_alg_values_supported;
}
public void setId_token_signing_alg_values_supported(Set<String> id_token_signing_alg_values_supported) {
this.id_token_signing_alg_values_supported = id_token_signing_alg_values_supported;
}
} }
pom.xml
+1 -1
View File
@@ -14,7 +14,7 @@
<java.version>17</java.version> <java.version>17</java.version>
<querydsl.version>5.0.0</querydsl.version> <querydsl.version>5.0.0</querydsl.version>
<nimbus.version>9.37.3</nimbus.version> <nimbus.version>9.37.3</nimbus.version>
<revision>3.0.6-SNAPSHOT</revision> <revision>3.0.7-SNAPSHOT</revision>
</properties> </properties>
<parent> <parent>