ContainerImage.Pinniped/internal/controller/supervisorconfig/testdata/private-jwks.json
Andrew Keesler e05213f9dd
supervisor-generate-key: use EC keys intead of RSA
EC keys are smaller and take less time to generate. Our integration
tests were super flakey because generating an RSA key would take up to
10 seconds *gasp*. The main token verifier that we care about is
Kubernetes, which supports P256, so hopefully it won't be that much of
an issue that our default signing key type is EC. The OIDC spec seems
kinda squirmy when it comes to using non-RSA signing algorithms...

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-10-15 11:33:08 -04:00

15 lines
328 B
JSON

{
"keys": [
{
"use": "sig",
"kty": "EC",
"kid": "pinniped-supervisor-key",
"crv": "P-256",
"alg": "ES256",
"x": "awmmj6CIMhSoJyfsqH7sekbTeY72GGPLEy16tPWVz2U",
"y": "FcMh06uXLaq9b2MOixlLVidUkycO1u7IHOkrTi7N0aw",
"d": "1HY8B25gE7rgJoNPi8ugyefzLhRflVMV04DvBRAXSf8"
}
]
}