Ignore unsupported algorithms
centromere opened this issue · comments
Alex Wied commented
I am using Keycloak as my OIDC provider, and the well-known endpoint advertises PS384
as a supported signing algorithm. Parsing the JSON fails in this case, however this is not ideal. Would it be possible to ignore unsupported algorithms?
Julien Debon commented
We just started having the same issue: algorithme PS256
breaks.
- How about using
eitherDecode
instead ofdecode
inWeb.OIDC.Client.Discovery#discover
? At least this would help investigating why the library breaks - At least be able to "not break" when algorithms are unknown? E.g. via environment variable
Sho Kuroda commented
@centromere @sir4ur0n
Thank you for your report and suggestions!
I think the issue was resolved by #36. I will release a new version.
Sho Kuroda commented
0.5.0.0 released. #37
Julien Debon commented
Excellent, thank you for your work! We have already upgraded 😄