From 855409bc4f839cde7c31ced8aac26cc924b5a223 Mon Sep 17 00:00:00 2001 From: Dan Brown Date: Thu, 14 Oct 2021 13:37:55 +0100 Subject: [PATCH] Fixed lack of oidc discovery filtering during testing Tested oidc system on okta, Keycloak & Auth0 --- app/Auth/Access/Oidc/OidcProviderSettings.php | 4 ++-- app/Providers/AppServiceProvider.php | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/app/Auth/Access/Oidc/OidcProviderSettings.php b/app/Auth/Access/Oidc/OidcProviderSettings.php index f1b530667..2b72c54b0 100644 --- a/app/Auth/Access/Oidc/OidcProviderSettings.php +++ b/app/Auth/Access/Oidc/OidcProviderSettings.php @@ -149,7 +149,7 @@ class OidcProviderSettings if (!empty($result['jwks_uri'])) { $keys = $this->loadKeysFromUri($result['jwks_uri'], $httpClient); - $discoveredSettings['keys'] = array_filter($keys); + $discoveredSettings['keys'] = $this->filterKeys($keys); } return $discoveredSettings; @@ -161,7 +161,7 @@ class OidcProviderSettings protected function filterKeys(array $keys): array { return array_filter($keys, function(array $key) { - return $key['key'] === 'RSA' && $key['use'] === 'sig' && $key['alg'] === 'RS256'; + return $key['kty'] === 'RSA' && $key['use'] === 'sig' && $key['alg'] === 'RS256'; }); } diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php index 18e1fb627..5fce642cf 100644 --- a/app/Providers/AppServiceProvider.php +++ b/app/Providers/AppServiceProvider.php @@ -80,7 +80,9 @@ class AppServiceProvider extends ServiceProvider }); $this->app->bind(HttpClientInterface::class, function($app) { - return new Client(['timeout' => 3]); + return new Client([ + 'timeout' => 3, + ]); }); } }