feat: add jwks uri (#126)

2023-08-10 07:49:28 +02:00 · 2023-08-10 07:49:28 +02:00 · d5caace0e3
commit d5caace0e3
parent 5f7526bbaf
3 changed files with 14 additions and 0 deletions
--- a/api/v1alpha1/oauth2client_types.go
+++ b/api/v1alpha1/oauth2client_types.go
@ -116,6 +116,12 @@ type OAuth2ClientSpec struct {
 	//
 	// Metadata is abritrary data
 	Metadata apiextensionsv1.JSON `json:"metadata,omitempty"`
+
+	// +kubebuilder:validation:type=string
+	// +kubebuilder:validation:Pattern=`(^$|^https?://.*)`
+	//
+	// JwksUri Define the URL where the JSON Web Key Set should be fetched from when performing the private_key_jwt client authentication method.
+	JwksUri string `json:"jwksUri,omitempty"`
 }

 // +kubebuilder:validation:Enum=client_credentials;authorization_code;implicit;refresh_token
--- a/config/crd/bases/hydra.ory.sh_oauth2clients.yaml
+++ b/config/crd/bases/hydra.ory.sh_oauth2clients.yaml
@ -114,6 +114,13 @@ spec:
                      pattern: (^$|^https?://.*)
                      type: string
                  type: object
+                jwksUri:
+                  description:
+                    Define the URL where the JSON Web Key Set should be fetched
+                    from when performing the private_key_jwt client
+                    authentication method.
+                  pattern: (^$|^https?://.*)
+                  type: string
                metadata:
                  description: Metadata is abritrary data
                  nullable: true
--- a/hydra/types.go
+++ b/hydra/types.go
@ -28,6 +28,7 @@ type OAuth2ClientJSON struct {
 	Owner                   string          `json:"owner"`
 	TokenEndpointAuthMethod string          `json:"token_endpoint_auth_method,omitempty"`
 	Metadata                json.RawMessage `json:"metadata,omitempty"`
+	JwksUri                 string          `json:"jwks_uri,omitempty"`
 }

 // Oauth2ClientCredentials represents client ID and password fetched from a