jwk: Expose ./well-known/jwks.json on public port

Signed-off-by: arekkas <[email protected]>
ory · Aug 6, 2018 · e30d48b · e30d48b
1 parent ba34b0c
commit e30d48b
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 14 deletions.
diff --git a/cmd/server/handler.go b/cmd/server/handler.go
@@ -246,7 +246,7 @@ func (h *Handler) registerRoutes(frontend, backend *httprouter.Router) {
 
 	// Set up handlers
 	h.Clients = newClientHandler(c, backend, clientsManager)
-	h.Keys = newJWKHandler(c, backend)
+	h.Keys = newJWKHandler(c, frontend, backend)
 	h.Consent = newConsentHandler(c, backend)
 	h.OAuth2 = newOAuth2Handler(c, frontend, backend, ctx.ConsentManager, oauth2Provider)
 	_ = newHealthHandler(c, backend)

diff --git a/cmd/server/handler_jwk_factory.go b/cmd/server/handler_jwk_factory.go
@@ -36,7 +36,7 @@ func injectJWKManager(c *config.Config) {
 	})
 }
 
-func newJWKHandler(c *config.Config, router *httprouter.Router) *jwk.Handler {
+func newJWKHandler(c *config.Config, frontend, backend *httprouter.Router) *jwk.Handler {
 	ctx := c.Context()
 	w := herodot.NewJSONWriter(c.GetLogger())
 	w.ErrorEnhancer = writerErrorEnhancer
@@ -53,6 +53,6 @@ func newJWKHandler(c *config.Config, router *httprouter.Router) *jwk.Handler {
 		w,
 		wellKnown,
 	)
-	h.SetRoutes(router)
+	h.SetRoutes(frontend, backend)
 	return h
 }
diff --git a/jwk/handler.go b/jwk/handler.go
@@ -70,18 +70,18 @@ func (h *Handler) GetGenerators() map[string]KeyGenerator {
 	return h.Generators
 }
 
-func (h *Handler) SetRoutes(r *httprouter.Router) {
-	r.GET(WellKnownKeysPath, h.WellKnown)
-	r.GET(KeyHandlerPath+"/:set/:key", h.GetKey)
-	r.GET(KeyHandlerPath+"/:set", h.GetKeySet)
+func (h *Handler) SetRoutes(frontend, backend *httprouter.Router) {
+	frontend.GET(WellKnownKeysPath, h.WellKnown)
+	backend.GET(KeyHandlerPath+"/:set/:key", h.GetKey)
+	backend.GET(KeyHandlerPath+"/:set", h.GetKeySet)
 
-	r.POST(KeyHandlerPath+"/:set", h.Create)
+	backend.POST(KeyHandlerPath+"/:set", h.Create)
 
-	r.PUT(KeyHandlerPath+"/:set/:key", h.UpdateKey)
-	r.PUT(KeyHandlerPath+"/:set", h.UpdateKeySet)
+	backend.PUT(KeyHandlerPath+"/:set/:key", h.UpdateKey)
+	backend.PUT(KeyHandlerPath+"/:set", h.UpdateKeySet)
 
-	r.DELETE(KeyHandlerPath+"/:set/:key", h.DeleteKey)
-	r.DELETE(KeyHandlerPath+"/:set", h.DeleteKeySet)
+	backend.DELETE(KeyHandlerPath+"/:set/:key", h.DeleteKey)
+	backend.DELETE(KeyHandlerPath+"/:set", h.DeleteKeySet)
 }
 
 // swagger:route GET /.well-known/jwks.json oAuth2 wellKnown

diff --git a/jwk/handler_test.go b/jwk/handler_test.go
@@ -48,7 +48,7 @@ func init() {
 		[]string{},
 	)
 	h.Manager.AddKeySet(IDTokenKeyName, IDKS)
-	h.SetRoutes(router)
+	h.SetRoutes(router, router)
 	testServer = httptest.NewServer(router)
 }
 

diff --git a/jwk/sdk_test.go b/jwk/sdk_test.go
@@ -41,7 +41,7 @@ func TestJWKSDK(t *testing.T) {
 		Manager: manager,
 		H:       herodot.NewJSONWriter(nil),
 	}
-	h.SetRoutes(router)
+	h.SetRoutes(router, router)
 	server := httptest.NewServer(router)
 
 	client := hydra.NewJsonWebKeyApiWithBasePath(server.URL)