add id_token_signing_alg_values_supported to OIDC discovery
@@ -16,9 +16,13 @@ import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import com.google.common.collect.Sets;
|
||||
import com.nimbusds.jose.JWSAlgorithm;
|
||||
|
||||
import de.bstly.we.controller.support.EntityResponseStatusException;
|
||||
import de.bstly.we.jwt.businesslogic.JwtKeyManager;
|
||||
import de.bstly.we.jwt.model.JwtKey;
|
||||
import de.bstly.we.oidc.businesslogic.OidcClientManager;
|
||||
import de.bstly.we.oidc.businesslogic.OidcTokenManager;
|
||||
import de.bstly.we.oidc.controller.model.OidcConfiguration;
|
||||
|
||||
/**
|
||||
@@ -30,6 +34,8 @@ public class OidcDiscoveryController {
|
||||
|
||||
@Autowired
|
||||
private OidcClientManager oidcClientManager;
|
||||
@Autowired
|
||||
private JwtKeyManager jwtKeyManager;
|
||||
|
||||
/**
|
||||
* Gets the configuration.
|
||||
@@ -43,6 +49,8 @@ public class OidcDiscoveryController {
|
||||
OidcConfiguration config = new OidcConfiguration();
|
||||
|
||||
String issuer = oidcClientManager.getIssuer(request);
|
||||
JwtKey jwtKey = jwtKeyManager.getLatest(OidcTokenManager.OIDC_JWT_KEY_NAME, false);
|
||||
JWSAlgorithm algorithm = jwtKeyManager.getJwsAlgorithm(jwtKey);
|
||||
|
||||
config.setIssuer(issuer);
|
||||
config.setScopes_supported(Sets.newHashSet("openid"));
|
||||
@@ -50,6 +58,7 @@ public class OidcDiscoveryController {
|
||||
config.setGrant_types_supported(Sets.newHashSet("authorization_code"));
|
||||
config.setToken_endpoint_auth_methods_supported(Sets.newHashSet("client_secret_post", "client_secret_basic"));
|
||||
config.setSubject_types_supported(Sets.newHashSet("public"));
|
||||
config.setId_token_signing_alg_values_supported(Sets.newHashSet(algorithm.getName()));
|
||||
|
||||
try {
|
||||
config.setAuthorization_endpoint(new URI(issuer + "/oidc/authorize"));
|
||||
|
||||
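Review bot: The result of `jwtKeyManager.getLatest(OidcTokenManager.OIDC_JWT_KEY_NAME, false)` in the `@@ -43,6 +49,8 @@` hunk is used without a null check. If the `false` argument means "do not create a key" (inferred from the call; `JwtKeyManager` is not shown) and no OIDC key exists yet, `getJwsAlgorithm(jwtKey)` or the later `algorithm.getName()` will throw, and the unauthenticated discovery endpoint will answer with an unhandled 500. Add a guard such as `if (jwtKey == null || algorithm == null)` before `config.setId_token_signing_alg_values_supported(...)` that fails with the controller's usual error response, since this metadata field is required and should not be silently omitted. Relying parties use this value to decide which signature algorithms to accept, so a comment like `// must match the algorithm OidcTokenManager actually signs ID tokens with` would help keep the two in step. The method body starts and ends outside these hunks.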
@@ -21,6 +21,7 @@ public class OidcConfiguration {
|
||||
private Set<String> subject_types_supported;
|
||||
private Set<String> grant_types_supported;
|
||||
private Set<String> token_endpoint_auth_methods_supported;
|
||||
private Set<String> id_token_signing_alg_values_supported;
|
||||
|
||||
/**
|
||||
* Gets the issuer.
|
||||
@@ -203,4 +204,12 @@ public class OidcConfiguration {
|
||||
this.token_endpoint_auth_methods_supported = token_endpoint_auth_methods_supported;
|
||||
}
|
||||
|
||||
public Set<String> getId_token_signing_alg_values_supported() {
|
||||
return id_token_signing_alg_values_supported;
|
||||
}
|
||||
|
||||
public void setId_token_signing_alg_values_supported(Set<String> id_token_signing_alg_values_supported) {
|
||||
this.id_token_signing_alg_values_supported = id_token_signing_alg_values_supported;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
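Review bot: The new accessors `getId_token_signing_alg_values_supported()` and `setId_token_signing_alg_values_supported(...)` have no Javadoc, while the class documents its other accessors (the context shows `Gets the issuer.`). Add matching comments, for example `/** Gets the JWS algorithm names (JWA identifiers such as the value of JWSAlgorithm#getName()) used to sign ID tokens. */` on the getter and a corresponding `Sets the ...` comment with `@param` on the setter. It is also worth stating there that relying parties read this set to restrict which signature algorithms they accept, so it should list only algorithms the provider really signs with. The class body continues outside these hunks.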