feat(k8s): use secret as shared source for admin private key

2024-03-28 15:53:40 +01:00
parent 35717429a2
commit 7de166765b
18 changed files with 351 additions and 60 deletions
--- a/internal/jwk/jwk.go
+++ b/internal/jwk/jwk.go
@ -10,6 +10,7 @@ import (
 	"github.com/lestrrat-go/jwx/v2/jwa"
 	"github.com/lestrrat-go/jwx/v2/jwk"
 	"github.com/lestrrat-go/jwx/v2/jws"
+	"github.com/oklog/ulid/v2"

 	"github.com/pkg/errors"
 )
@ -23,8 +24,9 @@ type (
 )

 var (
-	FromRaw = jwk.FromRaw
-	NewSet  = jwk.NewSet
+	FromRaw  = jwk.FromRaw
+	NewSet   = jwk.NewSet
+	ParseKey = jwk.ParseKey
 )

 const AlgorithmKey = jwk.AlgorithmKey
@ -95,6 +97,12 @@ func Generate(size int) (jwk.Key, error) {
 		return nil, errors.WithStack(err)
 	}

+	keyID := ulid.Make().String()
+
+	if err := key.Set(jwk.KeyIDKey, keyID); err != nil {
+		return nil, errors.WithStack(err)
+	}
+
 	return key, nil
 }