From 100fba79a6f9e711aac07f465c438c940526af9a Mon Sep 17 00:00:00 2001
From: Simon Skoczylas
Date: Mon, 9 Sep 2024 19:46:59 +0200
Subject: [PATCH] Fix OIDC discovery required fields
---
 internal/server/handler/oidc/discovery.go | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/internal/server/handler/oidc/discovery.go b/internal/server/handler/oidc/discovery.go
index a8e014e..db3bf7c 100644
--- a/internal/server/handler/oidc/discovery.go
+++ b/internal/server/handler/oidc/discovery.go
@@ -19,18 +19,18 @@ type oidcConfigurationResponse struct {
 JWKsUri string `json:"jwks_uri,omitempty"`
 RegistrationEndpoint string `json:"registration_endpoint,omitempty"`
 ScopesSupported []string `json:"scopes_supported,omitempty"`
- ResponseTypesSupported []oauth2.ResponseType `json:"response_types_supported,omitempty"`
+ ResponseTypesSupported []oauth2.ResponseType `json:"response_types_supported"`
 ResponseModesSupported []string `json:"response_modes_supported,omitempty"`
 GrantTypesSupported []oauth2.GrantType `json:"grant_types_supported,omitempty"`
 AcrValuesSupported []string `json:"acr_values_supported,omitempty"`
- SubjectTypesSupported []string `json:"subject_types_supported,omitempty"`
- IdTokenSigningAlgValuesSupported []string `json:"id_token_signing_alg_values_supported,omitempty"`
+ SubjectTypesSupported []string `json:"subject_types_supported"`
+ IdTokenSigningAlgValuesSupported []jwa.SignatureAlgorithm `json:"id_token_signing_alg_values_supported"`
 IdTokenEncryptionAlgValuesSupported []string `json:"id_token_encryption_alg_values_supported,omitempty"`
 IdTokenEncryptionEncValuesSupported []string `json:"id_token_encryption_enc_values_supported,omitempty"`
- UserInfoSigningAlgValuesSupported []string `json:"userinfo_signing_alg_values_supported,omitempty"`
+ UserInfoSigningAlgValuesSupported []jwa.SignatureAlgorithm `json:"userinfo_signing_alg_values_supported,omitempty"`
 UserInfoEncryptionAlgValuesSupported []string `json:"userinfo_encryption_alg_values_supported,omitempty"`
 UserInfoEncryptionEncValuesSupported []string `json:"userinfo_encryption_enc_values_supported,omitempty"`
- RequestObjectSigningAlgValuesSupported []string `json:"request_object_signing_alg_values_supported,omitempty"`
+ RequestObjectSigningAlgValuesSupported []jwa.SignatureAlgorithm `json:"request_object_signing_alg_values_supported,omitempty"`
 RequestObjectEncryptionAlgValuesSupported []string `json:"request_object_encryption_alg_values_supported,omitempty"`
 RequestObjectEncryptionEncValuesSupported []string `json:"request_object_encryption_enc_values_supported,omitempty"`
 DisplayValuesSupported []string `json:"display_values_supported,omitempty"`
@@ -135,6 +135,8 @@ func (h *DiscoveryHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 IntrospectionEndpointAuthSigningAlgValuesSupported: signatureAlgorithmSupported,
 RevocationEndpointAuthMethodsSupported: authMethodsSupported,
 RevocationEndpointAuthSigningAlgValuesSupported: signatureAlgorithmSupported,
+ IdTokenSigningAlgValuesSupported: signatureAlgorithmSupported,
+ SubjectTypesSupported: []string{"public"},
 }
 jsonError := internalHttp.SendJson(metadataResponse, w)
 if jsonError != nil {
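Review bot: In the `oidcConfigurationResponse` hunk, dropping `omitempty` from `response_types_supported`, `subject_types_supported` and `id_token_signing_alg_values_supported` means a nil slice is now encoded as JSON `null` instead of being left out, which strict relying-party libraries may reject just as they would a missing field. The `ServeHTTP` hunk sets `SubjectTypesSupported` and `IdTokenSigningAlgValuesSupported`, but the assignment of `ResponseTypesSupported` is not visible in this patch, so it is worth confirming that it is always non-nil. I would record the contract next to the three fields with a comment such as `// REQUIRED by OpenID Connect Discovery 1.0: always emitted, must be a non-nil slice (nil encodes as null)`. The struct begins and ends outside the hunk.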
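Review bot: In the `ServeHTTP` hunk, `IdTokenSigningAlgValuesSupported` is filled from the same `signatureAlgorithmSupported` slice that the context lines use for the introspection and revocation endpoint-auth fields, so the document advertises the client-authentication algorithm set as the ID Token signing set. The two are not interchangeable: the ID Token list should contain only algorithms the server actually signs with using keys published at `jwks_uri`, OpenID Connect Discovery requires RS256 to be in it, and symmetric or `none` entries would tell relying parties to accept tokens the server may never intend to issue. The contents of `signatureAlgorithmSupported` are defined outside the hunk, so this may already hold; if it does not, build a dedicated slice from the signing-key configuration and assign that, e.g. `IdTokenSigningAlgValuesSupported: idTokenSigningAlgs,` (the name is only a suggestion). The struct literal and the function body start and end outside the hunk.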