Allow passing a map of issuer -> JWKS to the `jwks` configuration attribute

Those who may have multiple valid issuers configured but still want to provide the JWKS data _per issuer_ inside of a bundle (and not fetched via the metadata flow), we should allow passing an object to the `jwks` object that maps between issuer and JWKS. Currently, the user would have to do this out of band, and merge the keys into a single `keys` array:

```yaml
{
  "allowed_issuers": [
    "https://foo.example.com",
    "https://bar.example.com",
  ],
  "jwks": {
    "keys": [
      {
        "kty": "RSA",
        "n": "0uUZ4XpiWu4ds6SxR.....",
        "e": "AQAB"
      },
      { 
        "more keys from all issuers": "here..."
      }
    ]
  }
}
```

In addition to this, we should allow passing a map of issuers -> keys.

```json
{
  "allowed_issuers": [
    "https://foo.example.com",
    "https://bar.example.com"
  ],
  "jwks": {
    "https://foo.example.com": {
      "keys": [
        {
          "kty": "RSA",
          "n": "0uUZ4XpiWu4ds6SxR.....",
          "e": "AQAB"
        }
      ]
    },
    "https://bar.example.com": {
      "keys": [
        {
          "kty": "RSA",
          "n": "RxS6sd4uWipX4ZUu0.....",
          "e": "AQAB"
        }
      ]
    }
  }
}
```



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Allow passing a map of issuer -> JWKS to the `jwks` configuration attribute #3

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Allow passing a map of issuer -> JWKS to the jwks configuration attribute #3

Description

Activity