outposts/proxy: remove deprecated rs256
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
341c58a722
commit
48ad3dccda
|
@ -1,7 +1,6 @@
|
||||||
package application
|
package application
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
|
||||||
"crypto/tls"
|
"crypto/tls"
|
||||||
"encoding/gob"
|
"encoding/gob"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
@ -49,15 +48,7 @@ func NewApplication(p api.ProxyOutpostConfig, c *http.Client, cs *ak.CryptoStore
|
||||||
log.WithError(err).Warning("Failed to parse URL, skipping provider")
|
log.WithError(err).Warning("Failed to parse URL, skipping provider")
|
||||||
}
|
}
|
||||||
|
|
||||||
// Support for RS256, new proxy providers will use HS256 but old ones
|
ks := hs256.NewKeySet(*p.ClientSecret)
|
||||||
// might not, and this makes testing easier
|
|
||||||
var ks oidc.KeySet
|
|
||||||
if contains(p.OidcConfiguration.IdTokenSigningAlgValuesSupported, "HS256") {
|
|
||||||
ks = hs256.NewKeySet(*p.ClientSecret)
|
|
||||||
} else {
|
|
||||||
ctx := context.WithValue(context.Background(), oauth2.HTTPClient, c)
|
|
||||||
oidc.NewRemoteKeySet(ctx, p.OidcConfiguration.JwksUri)
|
|
||||||
}
|
|
||||||
|
|
||||||
var verifier = oidc.NewVerifier(p.OidcConfiguration.Issuer, ks, &oidc.Config{
|
var verifier = oidc.NewVerifier(p.OidcConfiguration.Issuer, ks, &oidc.Config{
|
||||||
ClientID: *p.ClientId,
|
ClientID: *p.ClientId,
|
||||||
|
|
Reference in a new issue