feat: add well-known jwks.json endpoint

2022-02-26 18:14:43 +05:30
parent ad46210112
commit 145091dce1
13 changed files with 156 additions and 58 deletions
--- a/server/handlers/jwks.go
+++ b/server/handlers/jwks.go
@@ -0,0 +1,21 @@
+package handlers
+
+import (
+	"encoding/json"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/gin-gonic/gin"
+)
+
+func JWKsHandler() gin.HandlerFunc {
+	var data map[string]string
+	json.Unmarshal([]byte(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJWK)), &data)
+	return func(c *gin.Context) {
+		c.JSON(200, gin.H{
+			"keys": []map[string]string{
+				data,
+			},
+		})
+	}
+}
--- a/server/handlers/openid_config.go
+++ b/server/handlers/openid_config.go
@@ -1,8 +1,6 @@
 package handlers

 import (
-	"strings"
-
 	"github.com/gin-gonic/gin"

 	"github.com/authorizerdev/authorizer/server/constants"
@@ -13,11 +11,6 @@ import (
 // OpenIDConfigurationHandler handler for open-id configurations
 func OpenIDConfigurationHandler() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		if strings.Contains(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType), "HS") {
-			c.JSON(400, gin.H{"error": "openid not supported for HSA algorithm"})
-			return
-		}
-
 		issuer := utils.GetHost(c)
 		jwtType := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType)

@@ -26,7 +19,7 @@ func OpenIDConfigurationHandler() gin.HandlerFunc {
 			"authorization_endpoint":                issuer + "/authorize",
 			"token_endpoint":                        issuer + "/oauth/token",
 			"userinfo_endpoint":                     issuer + "/userinfo",
-			"jwks_uri":                              issuer + "/jwks.json",
+			"jwks_uri":                              issuer + "/.well-known/jwks.json",
 			"response_types_supported":              []string{"code", "token", "id_token", "code token", "code id_token", "token id_token", "code token id_token"},
 			"scopes_supported":                      []string{"openid", "email", "profile", "email_verified", "given_name", "family_name", "nick_name", "picture"},
 			"response_modes_supported":              []string{"query", "fragment", "form_post"},