providers/oauth2: add initial JWE support (#11344)

* providers/oauth2: add initial JWE support Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-migrate, only set id_token_encryption_* when encryption key is set Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add jwks test with encryption Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-10-17 14:04:19 +02:00
parent fc1f146049
commit 47206d3328
18 changed files with 329 additions and 35 deletions
--- a/blueprints/schema.json
+++ b/blueprints/schema.json
@ -5354,7 +5354,13 @@
                    "type": "string",
                    "format": "uuid",
                    "title": "Signing Key",
-                    "description": "Key used to sign the tokens. Only required when JWT Algorithm is set to RS256."
+                    "description": "Key used to sign the tokens."
+                },
+                "encryption_key": {
+                    "type": "string",
+                    "format": "uuid",
+                    "title": "Encryption Key",
+                    "description": "Key used to encrypt the tokens. When set, tokens will be encrypted and returned as JWEs."
                },
                "redirect_uris": {
                    "type": "string",