fix token revocation authentication and discovery config

2021-11-02 09:43:14 +01:00 · 2021-11-02 09:43:14 +01:00 · 4ddf7c7764
commit 4ddf7c7764
parent 162990f974
4 changed files with 74 additions and 13 deletions
--- a/pkg/op/op.go
+++ b/pkg/op/op.go
@ -23,6 +23,7 @@ const (
 	defaultTokenEndpoint         = "oauth/token"
 	defaultIntrospectEndpoint    = "oauth/introspect"
 	defaultUserinfoEndpoint      = "userinfo"
+	defaultRevocationEndpoint    = "revoke"
 	defaultEndSessionEndpoint    = "end_session"
 	defaultKeysEndpoint          = "keys"
 )
@ -33,6 +34,7 @@ var (
 		Token:         NewEndpoint(defaultTokenEndpoint),
 		Introspection: NewEndpoint(defaultIntrospectEndpoint),
 		Userinfo:      NewEndpoint(defaultUserinfoEndpoint),
+		Revocation:    NewEndpoint(defaultRevocationEndpoint),
 		EndSession:    NewEndpoint(defaultEndSessionEndpoint),
 		JwksURI:       NewEndpoint(defaultKeysEndpoint),
 	}
@ -222,6 +224,14 @@ func (o *openidProvider) IntrospectionEndpointSigningAlgorithmsSupported() []str
 	return []string{"RS256"}
 }

+func (o *openidProvider) RevocationAuthMethodPrivateKeyJWTSupported() bool {
+	return true
+}
+
+func (o *openidProvider) RevocationEndpointSigningAlgorithmsSupported() []string {
+	return []string{"RS256"}
+}
+
 func (o *openidProvider) RequestObjectSupported() bool {
 	return o.config.RequestObjectSupported
 }