Merge branch 'main' into op

2021-09-27 08:17:20 +02:00 · 2021-09-27 08:17:20 +02:00 · f90e685c76
commit f90e685c76
parent 07c9890c95 a63fbee93d
17 changed files with 706 additions and 52 deletions
--- a/pkg/op/op.go
+++ b/pkg/op/op.go
@ -2,7 +2,7 @@ package op

 import (
 	"context"
-	"errors"
+	"fmt"
 	"net/http"
 	"time"

@ -279,12 +279,12 @@ type openIDKeySet struct {
 func (o *openIDKeySet) VerifySignature(ctx context.Context, jws *jose.JSONWebSignature) ([]byte, error) {
 	keySet, err := o.Storage.GetKeySet(ctx)
 	if err != nil {
-		return nil, errors.New("error fetching keys")
+		return nil, fmt.Errorf("error fetching keys: %w", err)
 	}
 	keyID, alg := oidc.GetKeyIDAndAlg(jws)
-	key, ok := oidc.FindKey(keyID, oidc.KeyUseSignature, alg, keySet.Keys...)
-	if !ok {
-		return nil, errors.New("invalid kid")
+	key, err := oidc.FindMatchingKey(keyID, oidc.KeyUseSignature, alg, keySet.Keys...)
+	if err != nil {
+		return nil, fmt.Errorf("invalid signature: %w", err)
 	}
 	return jws.Verify(&key)
 }