Add ability to override JWKS URL for OIDC connector #3527

Closed
nabokihms
Member

Overview

Add an option to override discovered JWKS endpoint for OIDC connector

What this PR does / why we need it

closes #3519

Special notes for your reviewer

The test to check the change would have been cumbersome if we had implemented it (because the library doesn't expose the JWKS URL).

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
@@ -107,6 +107,9 @@ type ProviderDiscoveryOverrides struct {
// AuthURL provides a way to user overwrite the Auth URL
// from the .well-known/openid-configuration authorization_endpoint
AuthURL string `json:"authURL"`
// JWKSURL provides a way to user overwrite the JWKS URL
// from the .well-known/openid-configuration jwks_uri
JWKSURL string `json:"jwksURL"`
}

func (o *ProviderDiscoveryOverrides) Empty() bool {
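Review bot: `Empty()`, the last context line of this hunk, is not updated for the new `JWKSURL` field. With the condition quoted in the review below (`return o.TokenURL == "" && o.AuthURL == ""`), a configuration that sets only `jwksURL` reports that there are no overrides. Add `&& o.JWKSURL == ""` to that check and cover the JWKS-only case in the test. The doc comment would also read better as "provides a way for the user to override the JWKS URL", and it is worth stating there that this URL decides which keys are trusted to verify ID tokens, since that is the security-relevant effect of the field.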
Contributor

@sohgaura sohgaura May 14, 2024

return o.TokenURL == "" && o.AuthURL == ""

Pls do a check for JWKSURL as well, current condition only checks authurl and tokenurl to override values. This will not work if only JWKSURL is passed.
Add required changes to oidc_test.go for consistency.
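
The failure mode described in the comment above, as an added example that is not code from this PR or from the project: `Endpoints`, `applyOverrides`, `sampleDiscovered` and all URLs are hypothetical, and the example assumes the caller skips overriding whenever the emptiness check returns true.

```go
package main

import "fmt"

// Fields as in the hunk above; TokenURL comes from the quoted condition.
type ProviderDiscoveryOverrides struct{ TokenURL, AuthURL, JWKSURL string }

// emptyAsQuoted is the condition quoted in the review: JWKSURL is ignored.
func emptyAsQuoted(o ProviderDiscoveryOverrides) bool {
	return o.TokenURL == "" && o.AuthURL == ""
}

// emptyFixed also counts JWKSURL as an override.
func emptyFixed(o ProviderDiscoveryOverrides) bool {
	return o.TokenURL == "" && o.AuthURL == "" && o.JWKSURL == ""
}

// Endpoints is a hypothetical stand-in for the discovered metadata.
type Endpoints struct{ AuthURL, TokenURL, JWKSURL string }

// applyOverrides (hypothetical) keeps the discovered endpoints when the
// emptiness check reports nothing to override, else replaces each set field.
func applyOverrides(d Endpoints, o ProviderDiscoveryOverrides, empty func(ProviderDiscoveryOverrides) bool) Endpoints {
	if empty(o) {
		return d
	}
	if o.AuthURL != "" {
		d.AuthURL = o.AuthURL
	}
	if o.TokenURL != "" {
		d.TokenURL = o.TokenURL
	}
	if o.JWKSURL != "" {
		d.JWKSURL = o.JWKSURL
	}
	return d
}

// sampleDiscovered returns constructed discovery values for the demo.
func sampleDiscovered() Endpoints {
	return Endpoints{"https://idp.example.com/auth", "https://idp.example.com/token", "https://idp.example.com/keys"}
}

func main() {
	o := ProviderDiscoveryOverrides{JWKSURL: "https://keys.internal.example/jwks"} // constructed
	fmt.Println("quoted check:", applyOverrides(sampleDiscovered(), o, emptyAsQuoted).JWKSURL)
	fmt.Println("fixed check: ", applyOverrides(sampleDiscovered(), o, emptyFixed).JWKSURL)
}
```

With the quoted condition the operator's JWKS override is dropped without any error and token verification keeps using the discovered key set.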

@nabokihms
Member Author

Closing in favour of #3543

@nabokihms nabokihms closed this May 28, 2024
Successfully merging this pull request may close these issues.

Option to override jwks_uri for OIDC