ContainerImage.Pinniped

Author SHA1 Message Date

Author	SHA1	Message	Date
Ryan Richard	e1ae48f2e4	Discovery does not return `token_endpoint_auth_signing_alg_values_supported` `token_endpoint_auth_signing_alg_values_supported` is only related to private_key_jwt and client_secret_jwt client authentication methods at the token endpoint, which we do not support. See https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata for more details. Signed-off-by: Aram Price <pricear@vmware.com>	2020-12-07 14:15:31 -08:00
Andrew Keesler	fe2e2bdff1	Our ID token signing algorithm is ES256, not RS256 We are currently using EC keys to sign ID tokens, so we should reflect that in our OIDC discovery metadata. Signed-off-by: Andrew Keesler <akeesler@vmware.com>	2020-12-03 07:46:07 -05:00
Ryan Richard	d9d76726c2	Implement per-issuer OIDC JWKS endpoint	2020-10-16 17:51:40 -07:00

Ryan Richard

e1ae48f2e4

Discovery does not return token_endpoint_auth_signing_alg_values_supported

`token_endpoint_auth_signing_alg_values_supported` is only related to
private_key_jwt and client_secret_jwt client authentication methods
at the token endpoint, which we do not support. See
https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
for more details.

Signed-off-by: Aram Price <pricear@vmware.com>

2020-12-07 14:15:31 -08:00

Andrew Keesler

fe2e2bdff1

Our ID token signing algorithm is ES256, not RS256

We are currently using EC keys to sign ID tokens, so we should reflect that in
our OIDC discovery metadata.

Signed-off-by: Andrew Keesler <akeesler@vmware.com>

2020-12-03 07:46:07 -05:00

Ryan Richard

d9d76726c2

Implement per-issuer OIDC JWKS endpoint

2020-10-16 17:51:40 -07:00

3 Commits