Add asymmetric JWT signing (#16010)

* Added asymmetric token signing. * Load signing key from settings. * Added optional kid parameter. * Updated documentation. * Add "kid" to token header.
2025-05-25 11:22:16 +00:00 · 2021-06-17 23:56:46 +02:00 · 2021-06-17 23:56:46 +02:00 · 29695cd6d5
commit 29695cd6d5
parent f7cd394680
13 changed files with 481 additions and 47 deletions
--- a/routers/web/web.go
+++ b/routers/web/web.go
@ -295,6 +295,7 @@ func RegisterRoutes(m *web.Route) {
 	}, ignSignInAndCsrf, reqSignIn)
 	m.Get("/login/oauth/userinfo", ignSignInAndCsrf, user.InfoOAuth)
 	m.Post("/login/oauth/access_token", CorsHandler(), bindIgnErr(forms.AccessTokenForm{}), ignSignInAndCsrf, user.AccessTokenOAuth)
+	m.Get("/login/oauth/keys", ignSignInAndCsrf, user.OIDCKeys)

 	m.Group("/user/settings", func() {
 		m.Get("", userSetting.Profile)