Add email, admin status and name to returned JWT

MrFriendly-B-V · May 17, 2024 · dedeb00 · dedeb00
1 parent 7c14deb
commit dedeb00
Show file tree

Hide file tree

Showing 19 changed files with 199 additions and 189 deletions.
diff --git a/Makefile b/Makefile
@@ -12,13 +12,16 @@ help:
 	echo "- upload-ui	 	: Build and upload the ui Docker image"
 
 test_oidc_key.pem:
-	ssh-keygen -t rsa -b 4096 -m PEM -q -N "" -f ./test_oidc_key.pem
+	openssl genrsa -out ./test_oidc_key.pem 4096
+
+test_oidc_key.pem.pub: test_oidc_key.pem
+	openssl rsa -in ./test_oidc_key.pem -pubout -outform PEM -out ./test_oidc_key.pem.pub
 
-config.json:
+config.json: sample_config.json
 	cp sample_config.json config.json
 
 .PHONY: up
-up: test_oidc_key.pem config.json
+up: test_oidc_key.pem test_oidc_key.pem.pub config.json
 	docker compose up -d
 	echo "Wilford UI available at 	http://localhost:2522"
 	echo "Wilford Docs available at	http://localhost:2523"
@@ -50,7 +53,4 @@ build-docs:
 
 .PHONY: build-ui
 build-ui:
-	# Patch for production
-	#sed -i "s|createWebHistory('/')|createWebHistory('/wilford')|" ui/src/router/index.ts
-
 	docker build -t registry.mrfriendly.uk/wilford-ui ui/
diff --git a/README.md b/README.md
@@ -13,7 +13,7 @@ make up
 ```
 This will:
 - Create an OIDC signing key if it doesn't exist
-- Copy `sample_config.json` to `config.json
+- Copy `sample_config.json` to `config.json`
 - Start all containers
 
 The following services will be available:
@@ -41,6 +41,14 @@ docker-compose down
 make up 
 ```
 
+## Generate OIDC Key
+```bash
+# Private key
+openssl genrsa -out ./oidc.pem 4096
+
+# Public key
+openssl rsa -in ./oidc.pem -pubout -outform PEM -out ./oidc.pem.pub
+```
 
 # License
 MIT or Apache-2.0, at your option
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -31,7 +31,8 @@ services:
       - "RUST_LOG=DEBUG"
     volumes:
       - "./config.json:/config.json"
-      - "./test_oidc_key.pem:/oidc.pem"
+      - "./test_oidc_key.pem:/test_oidc_key.pem"
+      - "./test_oidc_key.pem.pub:/test_oidc_key.pem.pub"
     depends_on:
       - "mariadb-wilford"
 

diff --git a/docs/src/introduction.md b/docs/src/introduction.md
@@ -12,5 +12,4 @@ Wilford's implementation of OAuth2 and OpenID Connect is derived from the follow
 ## TODO
 Not everything is implemented 100%. I'd like to add support for:
 - [A.4](https://openid.net/specs/openid-connect-core-1_0.html#code-id_tokenExample) (`response_type=code id_token`).
-At the moment only `response_type=id_token token` is supported.
-- User information in the returned JWTs
+At the moment only `response_type=id_token token` is supported.
diff --git a/sample_config.json b/sample_config.json
@@ -19,6 +19,7 @@
   "default_client": {
     "redirect_uri": "http://localhost:2522/login-ok"
   },
-  "oidc_signing_key": "/oidc.pem",
+  "oidc_signing_key": "/test_oidc_key.pem",
+  "oidc_public_key": "/test_oidc_key.pem.pub",
   "oidc_issuer": "http://localhost:2521"
 }