versia-pub/server
2
0
Fork 0
mirror of https://github.com/versia-pub/server.git synced 2026-03-13 05:49:16 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

refactor(plugin): 🚚 Move JWKS well-known endpoint to OpenID plugin

Browse source
This commit is contained in:
Jesse Wierzbinski 2024-10-07 12:52:22 +02:00
parent 2e827814de
commit 0557d52afe
No known key found for this signature in database
7 changed files with 118 additions and 83 deletions
Download patch file Download diff file Expand all files Collapse all files

74
api/well-known/jwks/index.ts
View file

@ -1,74 +0,0 @@
import { apiRoute, applyConfig } from "@/api";
import { createRoute, z } from "@hono/zod-openapi";
import { exportJWK } from "jose";
import { config } from "~/packages/config-manager";
export const meta = applyConfig({
auth: {
required: false,
},
ratelimits: {
duration: 30,
max: 60,
},
route: "/.well-known/jwks",
});
const route = createRoute({
method: "get",
path: "/.well-known/jwks",
summary: "JWK Set",
responses: {
200: {
description: "JWK Set",
content: {
"application/json": {
schema: z.object({
keys: z.array(
z.object({
kty: z.string(),
use: z.string(),
alg: z.string(),
kid: z.string(),
crv: z.string().optional(),
x: z.string().optional(),
y: z.string().optional(),
}),
),
}),
},
},
},
},
});
export default apiRoute((app) =>
app.openapi(route, async (context) => {
const publicKey = await crypto.subtle.importKey(
"spki",
Buffer.from(config.oidc.keys?.public ?? "", "base64"),
"Ed25519",
true,
["verify"],
);
const jwk = await exportJWK(publicKey);
// Remove the private key
jwk.d = undefined;
return context.json(
{
keys: [
{
...jwk,
use: "sig",
alg: "EdDSA",
kid: "1",
},
],
},
200,
);
}),
);