From: Dan Brown
Date: Thu, 14 Oct 2021 12:37:55 +0000 (+0100)
Subject: Fixed lack of oidc discovery filtering during testing
X-Git-Tag: v21.10~1^2~21^2
X-Git-Url: http://source.bookstackapp.com/bookstack/commitdiff_plain/refs/pull/2960/head?ds=inline
Fixed lack of oidc discovery filtering during testing
Tested oidc system on okta, Keycloak & Auth0
---
diff --git a/app/Auth/Access/Oidc/OidcProviderSettings.php b/app/Auth/Access/Oidc/OidcProviderSettings.php
index f1b530667..2b72c54b0 100644
--- a/app/Auth/Access/Oidc/OidcProviderSettings.php
+++ b/app/Auth/Access/Oidc/OidcProviderSettings.php
@@ -149,7 +149,7 @@ class OidcProviderSettings
 if (!empty($result['jwks_uri'])) {
 $keys = $this->loadKeysFromUri($result['jwks_uri'], $httpClient);
- $discoveredSettings['keys'] = array_filter($keys);
+ $discoveredSettings['keys'] = $this->filterKeys($keys);
 }
 return $discoveredSettings;
@@ -161,7 +161,7 @@ class OidcProviderSettings
 protected function filterKeys(array $keys): array
 {
 return array_filter($keys, function(array $key) {
- return $key['key'] === 'RSA' && $key['use'] === 'sig' && $key['alg'] === 'RS256';
+ return $key['kty'] === 'RSA' && $key['use'] === 'sig' && $key['alg'] === 'RS256';
 });
 }
diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php
index 18e1fb627..5fce642cf 100644
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@@ -80,7 +80,9 @@ class AppServiceProvider extends ServiceProvider
 });
 $this->app->bind(HttpClientInterface::class, function($app) {
- return new Client(['timeout' => 3]);
+ return new Client([
+ 'timeout' => 3,
+ ]);
 });
 }
 }
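Review bot: The `filterKeys` closure in the second hunk indexes `$key['use']` and `$key['alg']` directly, but both members are optional in a JWK (RFC 7517), and the first hunk now sends every key fetched from the provider's `jwks_uri` through this filter. A provider that omits either member would raise an undefined-index warning here (an exception if the framework promotes warnings), so discovery could fail before any key is selected. Read them with defaults instead, e.g. `$alg = $key['alg'] ?? 'RS256';` and `$use = $key['use'] ?? 'sig';`, and compare those together with `($key['kty'] ?? '') === 'RSA'`. Defaulting is only safe if the token verifier pins RS256 itself rather than taking the algorithm from the key, which is not visible in this diff. A test that feeds discovery a JWKS with mixed key types would also have caught both the unfiltered path and the `'key'`/`'kty'` typo.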