Pass along oidc config to verifier

Brian McNamara 2024-11-27 15:53:08 -08:00
parent ef8ba75987
commit 587a9aa89a
1 changed files with 6 additions and 5 deletions


@ -58,8 +58,7 @@ func Validate(o *options.Options) error {
jwtIssuers, msgs = parseJwtIssuers(o.ExtraJwtIssuers, msgs)
for _, jwtIssuer := range jwtIssuers {
verifier, err := newVerifierFromJwtIssuer(
o.Providers[0].OIDCConfig.AudienceClaims,
o.Providers[0].OIDCConfig.ExtraAudiences,
o.Providers[0].OIDCConfig,
jwtIssuer,
)
if err != nil {
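Review bot: Passing `o.Providers[0].OIDCConfig` wholesale at this call means every entry in `ExtraJwtIssuers` inherits the first provider's `SkipDiscovery` and `JwksURL` (see `newVerifierFromJwtIssuer` in the next hunk), so the key set used to verify a token is no longer tied to that issuer's own `issuerURI`. If `NewProviderVerifier` uses `JWKsURL` as given when discovery is skipped (its body is not visible here, so this is inferred), tokens for an extra issuer would be checked against the first provider's keys, and an extra issuer that relies on discovery would stop working once the provider sets skip-discovery. I would either apply those two fields only when the extra issuer's URI equals the provider's configured issuer, or at least state the coupling on the function, e.g. `// SkipDiscovery and JwksURL are taken from the first provider and apply to every extra JWT issuer.` The new parameter name `odicOptions` looks like a typo for `oidcOptions`. `Validate` starts and continues outside this hunk, so whether `o.Providers` is known to be non-empty before the `[0]` index cannot be confirmed from here.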
@ -142,12 +141,14 @@ func parseJwtIssuers(issuers []string, msgs []string) ([]jwtIssuer, []string) {
// newVerifierFromJwtIssuer takes in issuer information in jwtIssuer info and returns
// a verifier for that issuer.
func newVerifierFromJwtIssuer(audienceClaims []string, extraAudiences []string, jwtIssuer jwtIssuer) (internaloidc.IDTokenVerifier, error) {
func newVerifierFromJwtIssuer(odicOptions options.OIDCOptions, jwtIssuer jwtIssuer) (internaloidc.IDTokenVerifier, error) {
pvOpts := internaloidc.ProviderVerifierOptions{
AudienceClaims: audienceClaims,
AudienceClaims: odicOptions.AudienceClaims,
ClientID: jwtIssuer.audience,
ExtraAudiences: extraAudiences,
ExtraAudiences: odicOptions.ExtraAudiences,
IssuerURL: jwtIssuer.issuerURI,
SkipDiscovery: odicOptions.SkipDiscovery,
JWKsURL: odicOptions.JwksURL,
}
pv, err := internaloidc.NewProviderVerifier(context.TODO(), pvOpts)