feat: service account token exchange

2020-09-02 17:52:22 +02:00 · 2020-09-02 17:52:22 +02:00 · 7a109a763d
commit 7a109a763d
parent c828290ef1
7 changed files with 71 additions and 10 deletions
--- a/pkg/op/default_op.go
+++ b/pkg/op/default_op.go
@ -273,6 +273,11 @@ func (p *DefaultOP) Signer() Signer {
 func (p *DefaultOP) Crypto() Crypto {
 	return p.crypto
 }
+
+func (p *DefaultOP) Verifier() rp.Verifier {
+	return p.verifier
+}
+
 func (p *DefaultOP) HandleReady(w http.ResponseWriter, r *http.Request) {
 	probes := []ProbesFn{
 		ReadySigner(p.Signer()),
@ -299,9 +304,13 @@ func (p *DefaultOP) HandleExchange(w http.ResponseWriter, r *http.Request) {
 		RequestError(w, r, ErrInvalidRequest("grant_type missing"))
 		return
 	}
-	if reqType == string(oidc.GrantTypeCode) {
+	switch reqType {
+	case string(oidc.GrantTypeCode):
 		CodeExchange(w, r, p)
 		return
+	case string(oidc.GrantTypeBearer):
+		JWTExchange(w, r, p)
+		return
 	}
 	TokenExchange(w, r, p)
 }