Skip to content

Commit

Permalink
setup the CA roots in the roundtripper if present
Browse files Browse the repository at this point in the history
  • Loading branch information
@sgmiller
sgmiller committed Aug 5, 2024
1 parent 8505aa6 commit 0dcddb9
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion path_config.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -366,7 +366,7 @@ func (b *jwtAuthBackend) createProvider(config *jwtConfig) (*oidc.Provider, erro
supportedSigAlgs = []oidc.Alg{oidc.RS256}
}

opts := []oidc.Option{oidc.WithProviderCA(config.OIDCDiscoveryCAPEM)}
var opts []oidc.Option
if len(config.UnsupportedCriticalCertExtensions) > 0 {
var oids []asn1.ObjectIdentifier
for _, v := range config.UnsupportedCriticalCertExtensions {
Expand Down Expand Up @@ -397,6 +397,8 @@ func (b *jwtAuthBackend) createProvider(config *jwtConfig) (*oidc.Provider, erro

}
opts = append(opts, oidc.WithRoundTripper(ietripper))
} else if config.OIDCDiscoveryCAPEM != "" {
opts = append(opts, oidc.WithProviderCA(config.OIDCDiscoveryCAPEM))
}
c, err := oidc.NewConfig(config.OIDCDiscoveryURL, config.OIDCClientID,
oidc.ClientSecret(config.OIDCClientSecret), supportedSigAlgs, []string{},
Expand Down

0 comments on commit 0dcddb9

Please sign in to comment.