You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've been trying to get Spire and Strimzi deployed Kafka to work together. I deployed the oidc-discovery-provider and connected Kafka to it. It almost works but apparently the Kafka plugin is expecting the JWKS to have the 'use' property specified. It appears optional in the spec so its arguably a Kafka plugin bug. But, there could be other oidc/oauth2 clients that have similar expectations so for compatibility reasons, the ability to have oidc-discovery-provider allow force setting the 'use' property might be useful. Perhaps a command line flag to force set the 'use' property to 'sig'?
The text was updated successfully, but these errors were encountered:
I think this sounds reasonable. I am tempted to just add "use" to the JWKs across the board but I am not super confident that it won't break some esoteric existing deployment. It WOULD be surprising if an implementation couldn't handle the parameter but we've seem some crazy stuff.
command line flag
The project does not use flags except to direct the application to a config file. I could see us growing a new jwks section in the config file for controlling rendering (assumes that we may have other properties to tweak in the future).
I've been trying to get Spire and Strimzi deployed Kafka to work together. I deployed the oidc-discovery-provider and connected Kafka to it. It almost works but apparently the Kafka plugin is expecting the JWKS to have the 'use' property specified. It appears optional in the spec so its arguably a Kafka plugin bug. But, there could be other oidc/oauth2 clients that have similar expectations so for compatibility reasons, the ability to have oidc-discovery-provider allow force setting the 'use' property might be useful. Perhaps a command line flag to force set the 'use' property to 'sig'?
The text was updated successfully, but these errors were encountered: