Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Either support ES512 or provide a P-256 key in static/certs/oidc-v2-rp-secret.json #665

Open
muhammadnizami opened this issue May 20, 2024 · 2 comments
Open

Either support ES512 or provide a P-256 key in static/certs/oidc-v2-rp-secret.json #665

muhammadnizami opened this issue May 20, 2024 · 2 comments

Comments

@muhammadnizami
Copy link

When trying to access GET /corppass/v2/authorize I'm using one of the keys given in static/certs/oidc-v2-rp-secret.json. The signing JWK given there uses ES512 algorithm and P-512 curve. The problem is, if I use that, I get this error from GET /corppass/v2/authorize/ endpoint: The client_assertion alg ES512 does not meet required token_endpoint_auth_signing_alg_values_supported [ 'ES256' ]
@cflee
Copy link
Contributor

cflee commented May 20, 2024

@muhammadnizami Could you confirm if that cited line is an error or a warning? This report seems similar to #654, and the issue reporter there said that that it was a warning

@cflee
Copy link
Contributor

cflee commented May 20, 2024

But either way, yes, it probably makes sense to provide an static key that works with ES256 for the convenience of users not running mockpass with their own JWKS endpoint

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cflee @muhammadnizami