Use JSON::JWK::Set instead of JSON::JWK (#21)

Fixes #17 - with the JWK::Set the JSON lib automatically checks for the correct key to verify the signature
master
Marcel Hoppe 2021-12-18 22:37:09 +01:00 committed by GitHub
parent 8fd1481f52
commit cc236ae6fe
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 5 deletions


@ -13,7 +13,7 @@ module OmniAuth
attr_reader :authorize_url attr_reader :authorize_url
attr_reader :token_url attr_reader :token_url
attr_reader :cert attr_reader :certs
def setup_phase def setup_phase
if @authorize_url.nil? || @token_url.nil? if @authorize_url.nil? || @token_url.nil?
@ -46,8 +46,8 @@ module OmniAuth
certs = Faraday.get @certs_endpoint certs = Faraday.get @certs_endpoint
if (certs.status == 200) if (certs.status == 200)
json = MultiJson.load(certs.body) json = MultiJson.load(certs.body)
@cert = json["keys"][0] @certs = json["keys"]
log :debug, "Successfully got certificate. Certificate length: #{@cert.length}" log :debug, "Successfully got certificate. Certificate length: #{@certs.length}"
else else
message = "Coundn't get certificate. URL: #{@certs_endpoint}" message = "Coundn't get certificate. URL: #{@certs_endpoint}"
log :error, message log :error, message
@ -106,8 +106,8 @@ module OmniAuth
def raw_info def raw_info
id_token_string = access_token.token id_token_string = access_token.token
jwk = JSON::JWK.new(@cert) jwks = JSON::JWK::Set.new(@certs)
id_token = JSON::JWT.decode id_token_string, jwk id_token = JSON::JWT.decode id_token_string, jwks
id_token id_token
end end
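Review bot: In `raw_info`, `JSON::JWT.decode id_token_string, jwks` only checks the signature against whichever key in the set matches the token's `kid`; nothing visible here restricts the accepted algorithm or validates `exp`, `iss` and `aud`. Passing the expected algorithms as the third argument would pin it, for example `id_token = JSON::JWT.decode id_token_string, jwks, [:RS256]` (adjust to what the identity provider actually signs with). The claims should also be checked before the payload is used, unless a caller outside this hunk already does so. The key set appears to be fetched once and cached in `@certs`, so a token signed with a key rotated in later would presumably raise `JSON::JWK::Set::KidNotFound` here. Rescuing that error to refetch the keys once, and otherwise failing authentication cleanly, would handle rotation without weakening verification.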