mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
fix: include the jwk key id in the jwt for validation (#1983)
This is so the sig key used to sign the JWT can be verified using the JWKS endpoint. Fixes #1979
This commit is contained in:
parent
544373de17
commit
c0ac8bf5ad
|
@ -100,7 +100,10 @@ func newDefaultOIDCSession(ctx *middlewares.AutheliaCtx) (session *openid.Defaul
|
|||
Extra: make(map[string]interface{}),
|
||||
},
|
||||
Headers: &jwt.Headers{
|
||||
Extra: make(map[string]interface{}),
|
||||
Extra: map[string]interface{}{
|
||||
// TODO: Obtain this from the active keys when we implement key rotation.
|
||||
"kid": "main-key",
|
||||
},
|
||||
},
|
||||
}, err
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user