fix: rp verification process

2021-04-26 11:00:42 +02:00 · 2021-04-26 11:00:42 +02:00 · 65a58039dc
commit 65a58039dc
parent a2601f1584
9 changed files with 148 additions and 47 deletions
--- a/pkg/op/verifier_jwt_profile.go
+++ b/pkg/op/verifier_jwt_profile.go
@ -86,18 +86,13 @@ type jwtProfileKeySet struct {
 }

 func (k *jwtProfileKeySet) VerifySignature(ctx context.Context, jws *jose.JSONWebSignature) (payload []byte, err error) {
-	keyID := ""
-	for _, sig := range jws.Signatures {
-		keyID = sig.Header.KeyID
-		break
-	}
+	keyID, alg := oidc.GetKeyIDAndAlg(jws)
 	key, err := k.Storage.GetKeyByIDAndUserID(ctx, keyID, k.userID)
 	if err != nil {
 		return nil, fmt.Errorf("error fetching keys: %w", err)
 	}
-	payload, err, ok := oidc.CheckKey(keyID, jws, *key)
-	if !ok {
-		return nil, errors.New("invalid kid")
+	if key.Algorithm != alg {
+
 	}
-	return payload, err
+	return jws.Verify(&key)
 }