3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-06-02 19:04:14 +02:00
Code Issues Projects Releases Packages Wiki Activity

use tlsClientConfig instead of custom dialer (#3830)

Browse source 
* use tlsClientConfig instead of custom dialer

* rm debug log
This commit is contained in:
Denis Mishin 2022-12-27 11:55:36 -05:00 committed by GitHub
parent 5252cbda23
commit a49f86d023
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 49 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

10
authorize/state.go
View file

@ -84,9 +84,15 @@ func newAuthorizeStateFromConfig(cfg *config.Config, store *store.Store) (*autho
}
state.hpkePrivateKey = hpke.DerivePrivateKey(sharedKey)
state.authenticateKeyFetcher = hpke.NewKeyFetcher(authenticateURL.ResolveReference(&url.URL{
jwksURL := authenticateURL.ResolveReference(&url.URL{
Path: "/.well-known/pomerium/jwks.json",
}).String())
}).String()
transport, err := config.GetTLSClientTransport(cfg)
if err != nil {
return nil, fmt.Errorf("authorize: get tls client config: %w", err)
}
state.authenticateKeyFetcher = hpke.NewKeyFetcher(jwksURL, transport)
return state, nil
}