techies/authelia
1
0
Fork 0
mirror of https://github.com/0rangebananaspy/authelia.git synced 2024-09-14 22:47:21 +07:00
Code Issues Projects Releases Wiki Activity

fix: include the jwk key id in the jwt for validation ()

Browse Source 
This is so the sig key used to sign the JWT can be verified using the JWKS endpoint.

Fixes
This commit is contained in:
James Elliott 2021-05-07 11:59:39 +10:00 committed by GitHub
parent 544373de17
commit c0ac8bf5ad
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 1 deletions

5
internal/handlers/oidc.go
View File

@ -100,7 +100,10 @@ func newDefaultOIDCSession(ctx *middlewares.AutheliaCtx) (session *openid.Defaul
Extra: make(map[string]interface{}),
},
Headers: &jwt.Headers{
Extra: make(map[string]interface{}),
Extra: map[string]interface{}{
// TODO: Obtain this from the active keys when we implement key rotation.
"kid": "main-key",
},
},
}, err
}