From 064a409443ea56e2bed97efe3c42b0641372aa40 Mon Sep 17 00:00:00 2001
From: sohgaura <31881670+sohgaura@users.noreply.github.com>
Date: Fri, 31 May 2024 08:15:59 -0700
Subject: [PATCH] OIDC connector option to override jwksURI (#3543)

Signed-off-by: sohgaura <tiwari.dk1@gmail.com>
Signed-off-by: sohgaura <31881670+sohgaura@users.noreply.github.com>
---
 connector/oidc/oidc.go | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/connector/oidc/oidc.go b/connector/oidc/oidc.go
index fd715970..578480ec 100644
--- a/connector/oidc/oidc.go
+++ b/connector/oidc/oidc.go
@@ -107,10 +107,13 @@ type ProviderDiscoveryOverrides struct {
 	// AuthURL provides a way to user overwrite the Auth URL
 	// from the .well-known/openid-configuration authorization_endpoint
 	AuthURL string `json:"authURL"`
+	// JWKSURL provides a way to user overwrite the JWKS URL
+	// from the .well-known/openid-configuration jwks_uri
+	JWKSURL string `json:"jwksURL"`
 }
 
 func (o *ProviderDiscoveryOverrides) Empty() bool {
-	return o.TokenURL == "" && o.AuthURL == ""
+	return o.TokenURL == "" && o.AuthURL == "" && o.JWKSURL == ""
 }
 
 func getProvider(ctx context.Context, issuer string, overrides ProviderDiscoveryOverrides) (*oidc.Provider, error) {
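Review bot: The new comment on `JWKSURL` presents the field as just another endpoint override, but `jwks_uri` is where the provider's signing keys are published, so overriding it changes which keys ID token signatures are checked against. An operator reading the config docs should see that. I would reword it to `// JWKSURL overrides the jwks_uri from .well-known/openid-configuration.` followed by `// ID token signatures are verified with the keys served at this URL, so it must be a key set controlled by the issuer.` The exported `Empty` method touched here also has no doc comment; `// Empty reports whether no discovery override is set.` would cover it.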
@@ -151,7 +154,9 @@ func getProvider(ctx context.Context, issuer string, overrides ProviderDiscovery
 	if overrides.AuthURL != "" {
 		config.AuthURL = overrides.AuthURL
 	}
-
+	if overrides.JWKSURL != "" {
+		config.JWKSURL = overrides.JWKSURL
+	}
 	return config.NewProvider(context.Background()), nil
 }
 
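Review bot: The added `if overrides.JWKSURL != ""` block copies the configured string into `config.JWKSURL` without any check. A typo or a plain-`http://` value would therefore presumably only surface later, as a key-fetch or signature-verification failure, or would let the signing keys be fetched over an unauthenticated channel. Parsing the value and rejecting anything that is not an absolute https URL would fail fast at connector setup; if http must stay allowed for local test issuers, a logged warning is the minimum. Separately, the `return` passes `context.Background()` rather than `ctx`, so if callers attach an HTTP client or TLS settings to `ctx`, the fetch from the overridden URL may not use them; this is worth confirming. The body of `getProvider` starts outside this hunk, and the fence assumes `net/url` and `fmt` are already imported there.

```go
	// … unchanged: TokenURL and AuthURL overrides …
	if overrides.JWKSURL != "" {
		u, err := url.Parse(overrides.JWKSURL)
		if err != nil || u.Scheme != "https" || u.Host == "" {
			return nil, fmt.Errorf("invalid jwksURL override %q: must be an absolute https URL", overrides.JWKSURL)
		}
		config.JWKSURL = overrides.JWKSURL
	}
	return config.NewProvider(context.Background()), nil
```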
-- 
GitLab