-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug In readTokenDecryptionKey #33021
Comments
@jainhitesh9998 Thanks, the test uses the pem file as far as I recall, would you like to open a simply PR to fix it ? |
The private jwk Key is configured in this tests: https://github.com/quarkusio/quarkus/blob/main/test-framework/oidc-server/src/main/resources/privateKey.jwk this file doesn't contain 'alg' and 'use' field fixing the properties and adding another PR to validate the changes |
As of now i only see one enc type supported "RSA-OAEP" |
Closed by #33023 |
Describe the bug
Module - quarkus-oidc
quarkus/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/OidcRecorder.java
Line 327 in 9380d09
this condition resolved to false even when i pass a valid jwks private key
keys.get(0).getAlgorithm() == KeyEncryptionAlgorithm.RSA_OAEP.getAlgorithm()
, resulting in application startup failure on configuration of this QUARKUS_OIDC_TOKEN_DECRYPTION_KEY_LOCATION parameterI've changed it to in my local builds and the resolution happens properly and application starts up
properlykeys.get(0).getAlgorithm().equals(KeyEncryptionAlgorithm.RSA_OAEP.getAlgorithm())
Expected behavior
The resolution should be true and if jwks is passed and the private key should be set
Actual behavior
since this check fails, the flow moves to decoding the keyContent as pem file and it gives error in parsing base64 string
How to Reproduce?
I'm trying to configure and use jwe with quarkus-oidc
configure QUARKUS_OIDC_TOKEN_DECRYPTION_KEY_LOCATION with a location of a private jwks key along with other oidc properties.
I can provide the complete setup i'm trying to validate if necessary.
This looks like a trivial bug, and i can send a PR for this.
Output of
uname -a
orver
21.6.0 Darwin Kernel Version 21.6.0: Mon Dec 19 20:43:09 PST 2022; root:xnu-8020.240.18~2/RELEASE_ARM64_T6000 arm64classes/
Output of
java -version
openjdk 17.0.4.1 2022-08-12 LTS
GraalVM version (if different from Java)
No response
Quarkus version or git rev
2.16
Build tool (ie. output of
mvnw --version
orgradlew --version
)Apache Maven 3.8.5
Additional information
No response
The text was updated successfully, but these errors were encountered: