chore: update jwtProfileKeySet to match actual use (#219)

2022-09-29 22:24:47 -07:00 · 2022-09-29 22:24:47 -07:00 · 4b4b0e49e0
commit 4b4b0e49e0
parent c0badf2329
2 changed files with 5 additions and 6 deletions
--- a/pkg/op/auth_request.go
+++ b/pkg/op/auth_request.go
@ -148,7 +148,7 @@ func ParseRequestObject(ctx context.Context, authReq *oidc.AuthRequest, storage
 	if !str.Contains(requestObject.Audience, issuer) {
 		return authReq, oidc.ErrInvalidRequest()
 	}
-	keySet := &jwtProfileKeySet{storage, requestObject.Issuer}
+	keySet := &jwtProfileKeySet{storage: storage, clientID: requestObject.Issuer}
 	if err = oidc.CheckSignature(ctx, authReq.RequestParam, payload, requestObject, nil, keySet); err != nil {
 		return authReq, err
 	}
--- a/pkg/op/verifier_jwt_profile.go
+++ b/pkg/op/verifier_jwt_profile.go
@ -96,8 +96,7 @@ func VerifyJWTAssertion(ctx context.Context, assertion string, v JWTProfileVerif
 		return nil, err
 	}

-	keySet := &jwtProfileKeySet{v.Storage(), request.Issuer}
-
+	keySet := &jwtProfileKeySet{storage: v.Storage(), clientID: request.Issuer}
 	if err = oidc.CheckSignature(ctx, assertion, payload, request, nil, keySet); err != nil {
 		return nil, err
 	}
@ -116,14 +115,14 @@ func SubjectIsIssuer(request *oidc.JWTTokenRequest) error {
 }

 type jwtProfileKeySet struct {
-	storage jwtProfileKeyStorage
-	userID  string
+	storage  jwtProfileKeyStorage
+	clientID string
 }

 //VerifySignature implements oidc.KeySet by getting the public key from Storage implementation
 func (k *jwtProfileKeySet) VerifySignature(ctx context.Context, jws *jose.JSONWebSignature) (payload []byte, err error) {
 	keyID, _ := oidc.GetKeyIDAndAlg(jws)
-	key, err := k.storage.GetKeyByIDAndUserID(ctx, keyID, k.userID)
+	key, err := k.storage.GetKeyByIDAndUserID(ctx, keyID, k.clientID)
 	if err != nil {
 		return nil, fmt.Errorf("error fetching keys: %w", err)
 	}