feat(signer): support EdDSA for the local token signer#4831
Conversation
nabokihms
left a comment
There was a problem hiding this comment.
guessTokenType (introspectionhandler.go) wasn't touched — still no SupportedSigningAlgs. go-oidc checks the alg before honoring InsecureSkipSignatureCheck, so it defaults to RS256 and an EdDSA token fails to parse. guessTokenType then returns RefreshToken, and a valid EdDSA access token comes back active: false. The introspectAccessToken fix never runs for it (same for ES256).
Same one-line fix as the other sites + an e2e introspection test with EdDSA.
Signed-off-by: somaz <genius5711@gmail.com>
a7486b2 to
ed39215
Compare
|
Thanks, good catch. That was exactly the path I missed. Added Also added Pushed in ed39215. Ready for another look. |
Overview
Adds EdDSA (Ed25519) as a signing algorithm for the local token signer, completing #4442. The local signer already supported RS256 and ES256, so this fills in the remaining algorithm requested in the issue.
What this PR does / why we need it
EdDSA produces much smaller signatures than RS256, which matters for setups with a tight token-size budget — the issue describes Argo CD storing tokens as cookies under a 4 KB limit.
server/signer/rotation.go: generate an Ed25519 key when the configured algorithm isEdDSA.server/signer/utils.goalready maps Ed25519 keys tojose.EdDSAandsignPayloadis algorithm-generic, so signing, JWKS publication, and the discoveryid_token_signing_alg_values_supportedvalue already work once a key is generated.server/signer/local.goandcmd/dex/config.go: acceptEdDSAin the local-signer config validation.server/oauth2.go: addEdDSA → SHA-512tohashForSigAlgsoat_hash/c_hashcan be computed for EdDSA id_tokens (Ed25519 uses SHA-512 internally).It also fixes a verifier gap that EdDSA exposes: the
id_token_hint,/userinfo, and/token/introspectverifiers buildoidc.NewVerifierwith anoidc.Configthat does not setSupportedSigningAlgs. go-oidc then defaults toRS256only and rejects ES256/EdDSA Dex-issued tokens withmalformed jwtbeforesignerKeySet.VerifySignatureever runs. These three sites now pass the same algorithm listsignerKeySetalready uses, extracted into a sharedsupportedSigningAlgs.Closes #4442
Special notes for your reviewer
TestRotationStrategyForAlgorithm.TestAccessTokenHashEdDSAfor theat_hashmapping.TestSignerKeySetWithEdDSALocalSignerand an end-to-endTestValidateIDTokenHintEdDSAthat drives the real verifier path. The latter fails against the unpatched verifier withoidc: malformed jwt: unexpected signature algorithm "EdDSA"; expected ["RS256"].go test ./server/... ./cmd/...,golangci-lint run, andgofmt -lare all clean. No new dependencies (Ed25519 is stdlib).