Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

PublishKeySet Security Configuration and Flow

Description

Having looked at the OP, now that all the security config is in place (at least until it is reviewed), it does not seem too hard to add an endpoint for the RP to publish its public JSON Web keys. So I will look to add this soon.

Environment

None

Activity

Show:

Philip SmartSeptember 8, 2023 at 8:58 AM
Edited

Basic functionality for this has existed since V1.0.0. But more advanced cases have not been addressed. So I will untag a fix version from this for now.

Philip SmartDecember 2, 2022 at 2:32 PM

Reopened this, because in my haste I forgot about a case where there are more than one downstream OP. The keysets currently published are global, and would not be specific to an OP if more than one used.

Philip SmartDecember 1, 2022 at 10:39 AM

Needs documentation. But the functionality is complete.

Philip SmartNovember 24, 2022 at 5:01 PM

Added a keyset flow taking inspiration from the OP’s keyset flow. The profile is located at idp/profile/oidc/rp/keyset — different than the OP keyset.

The RP now includes the OIDC.Keyset profile bean, which is the same profile the OP uses, albeit with a slightly different configuration. As with the OIDC.SSO bean, this could be moved into commons and shared between the OP and RP — but that needs thinking about. See .

Needs testing.

Details

Assignee

Reporter

Created October 7, 2022 at 3:58 PM
Updated September 8, 2023 at 8:58 AM