Diffstat (limited to 'src/oidc/main.go')
| -rw-r--r-- | src/oidc/main.go | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/src/oidc/main.go b/src/oidc/main.go
index 9f9d71c..3c9f057 100644
--- a/src/oidc/main.go
+++ b/src/oidc/main.go
@@ -1,6 +1,9 @@
 package main
 import (
+ "crypto/x509"
+ "encoding/json"
+ "encoding/pem"
 "fmt"
 "io/ioutil"
 "log"
@@ -10,6 +13,7 @@ import (
 "github.com/golang-jwt/jwt"
 "github.com/google/uuid"
+ "github.com/lestrrat-go/jwx/v2/jwk"
 )
 type AuthorizationRequest struct {
@@ -126,7 +130,18 @@ func handler(w http.ResponseWriter, r *http.Request) {
 } else if r.URL.Path == "/userinfo" {
 w.WriteHeader(http.StatusNotImplemented)
 } else if r.URL.Path == "/.well-known/jwks.json" {
- w.WriteHeader(http.StatusNotImplemented)
+ w.Header().Set("Content-Type", "application/json")
+ keyData, _ := ioutil.ReadFile("insecure.pem")
+ privatePem, _ := pem.Decode(keyData)
+ parsedKey, _ := x509.ParsePKCS1PrivateKey(privatePem.Bytes)
+ key, _ := jwk.FromRaw(parsedKey)
+ pubKey, _ := jwk.PublicKeyOf(key)
+ pubKey.Set(jwk.KeyIDKey, "X")
+ pubKey.Set(jwk.KeyUsageKey, "sig")
+
+ set := jwk.NewSet()
+ set.Add(pubKey)
+ json.NewEncoder(w).Encode(set)
 } else if r.URL.Path == "/revoke" {
 w.WriteHeader(http.StatusNotImplemented)
 } else {
|
