add HS256/384/512 hash support

2025-02-25 00:30:03 +00:00 · 2025-02-25 00:30:03 +00:00 · e9f1bbc972
commit e9f1bbc972
parent 4ef9529012
5 changed files with 24 additions and 12 deletions
--- a/pkg/oidc/jwt_profile.go
+++ b/pkg/oidc/jwt_profile.go
@ -7,7 +7,7 @@ type JWTProfileGrantRequest struct {
 }

 // NewJWTProfileGrantRequest creates an oauth2 `JSON Web Token (JWT) Profile` Grant
-//`urn:ietf:params:oauth:grant-type:jwt-bearer`
+// `urn:ietf:params:oauth:grant-type:jwt-bearer`
 // sending a self-signed jwt as assertion
 func NewJWTProfileGrantRequest(assertion string, scopes ...string) *JWTProfileGrantRequest {
 	return &JWTProfileGrantRequest{
--- a/pkg/oidc/session.go
+++ b/pkg/oidc/session.go
@ -1,7 +1,7 @@
 package oidc

 // EndSessionRequest for the RP-Initiated Logout according to:
-//https://openid.net/specs/openid-connect-rpinitiated-1_0.html#RPLogout
+// https://openid.net/specs/openid-connect-rpinitiated-1_0.html#RPLogout
 type EndSessionRequest struct {
 	IdTokenHint           string `schema:"id_token_hint"`
 	ClientID              string `schema:"client_id"`
--- a/pkg/oidc/verifier.go
+++ b/pkg/oidc/verifier.go
@ -186,7 +186,7 @@ func toJoseSignatureAlgorithms(algorithms []string) []jose.SignatureAlgorithm {
 		out[i] = jose.SignatureAlgorithm(algorithms[i])
 	}
 	if len(out) == 0 {
-		out = append(out, jose.RS256, jose.ES256, jose.PS256)
+		out = append(out, jose.RS256, jose.ES256, jose.PS256, jose.RS256)
 	}
 	return out
 }