Merge branch 'chore-example-algs' into work

2024-08-20 11:15:33 +03:00 · 2024-08-20 11:15:33 +03:00 · 0e6aafa16c
commit 0e6aafa16c
parent f5cd665097 eb249c4c70
1 changed files with 18 additions and 1 deletions
--- a/example/client/app/app.go
+++ b/example/client/app/app.go
@ -11,6 +11,7 @@ import (
 	"sync/atomic"
 	"time"

+	"github.com/go-jose/go-jose/v4"
 	"github.com/google/uuid"
 	"github.com/sirupsen/logrus"

@ -53,7 +54,23 @@ func main() {

 	options := []rp.Option{
 		rp.WithCookieHandler(cookieHandler),
-		rp.WithVerifierOpts(rp.WithIssuedAtOffset(5 * time.Second)),
+		rp.WithVerifierOpts(
+			rp.WithIssuedAtOffset(5*time.Second),
+			// When the OP uses other signing algorithms then RS256,
+			// We need to tell the RP to accept them.
+			// The actual handshake is done with the "kid" and "alg" header claims.
+			// However, [jose.ParseSigned] needs a list of algorithms we are willing to accept.
+			// This example sets all the algorithms the ZITADEL product supports.
+			rp.WithSupportedSigningAlgorithms(
+				string(jose.EdDSA),
+				string(jose.RS256),
+				string(jose.RS384),
+				string(jose.RS512),
+				string(jose.ES256),
+				string(jose.ES384),
+				string(jose.ES512),
+			),
+		),
 		rp.WithHTTPClient(client),
 		rp.WithLogger(logger),
 	}