oscar-surf/misskey
oscar-surf/misskey
0
0
Fork 0
Code Issues Activity

fix(SSO/SAML): JWK関数の仕様変更に対応 (MisskeyIO#966)

Browse source
This commit is contained in:
あわわわとーにゅ 2025-04-01 06:37:33 +09:00 committed by GitHub
parent 3bd2b5a048
commit abc5e05607
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
packages/backend/src/misc/gen-x509-cert-from-jwk.ts
View file

@ -18,13 +18,13 @@ export async function genX509CertFromJWK(
cert.setSubject(attrs); cert.setSubject(attrs);
cert.setIssuer(attrs); cert.setIssuer(attrs);
cert.publicKey = await jose cert.publicKey = await jose
.importJWK(JSON.parse(publicKey), alg) .importJWK(JSON.parse(publicKey), alg, { extractable: true })
.then((k) => jose.exportSPKI(k as jose.CryptoKey)) .then((k) => jose.exportSPKI(k as jose.CryptoKey))
.then((k) => forge.pki.publicKeyFromPem(k)); .then((k) => forge.pki.publicKeyFromPem(k));
cert.sign( cert.sign(
await jose await jose
.importJWK(JSON.parse(privateKey), alg) .importJWK(JSON.parse(privateKey), alg, { extractable: true })
.then((k) => jose.exportPKCS8(k as jose.CryptoKey)) .then((k) => jose.exportPKCS8(k as jose.CryptoKey))
.then((k) => forge.pki.privateKeyFromPem(k)), .then((k) => forge.pki.privateKeyFromPem(k)),
forge.md.sha256.create(), forge.md.sha256.create(),

4
packages/backend/src/server/sso/SAMLIdentifyProviderService.ts
View file

@ -238,7 +238,7 @@ export class SAMLIdentifyProviderService {
const idp = saml.IdentityProvider({ const idp = saml.IdentityProvider({
metadata: await this.createIdPMetadataXml(ssoServiceProvider), metadata: await this.createIdPMetadataXml(ssoServiceProvider),
privateKey: await jose privateKey: await jose
.importJWK(JSON.parse(ssoServiceProvider.privateKey ?? '{}'), ssoServiceProvider.signatureAlgorithm) .importJWK(JSON.parse(ssoServiceProvider.privateKey ?? '{}'), ssoServiceProvider.signatureAlgorithm, { extractable: true })
.then(k => jose.exportPKCS8(k as jose.CryptoKey)), .then(k => jose.exportPKCS8(k as jose.CryptoKey)),
}); });
@ -392,7 +392,7 @@ export class SAMLIdentifyProviderService {
const idp = saml.IdentityProvider({ const idp = saml.IdentityProvider({
metadata: await this.createIdPMetadataXml(ssoServiceProvider), metadata: await this.createIdPMetadataXml(ssoServiceProvider),
privateKey: await jose privateKey: await jose
.importJWK(JSON.parse(ssoServiceProvider.privateKey ?? '{}'), ssoServiceProvider.signatureAlgorithm) .importJWK(JSON.parse(ssoServiceProvider.privateKey ?? '{}'), ssoServiceProvider.signatureAlgorithm, { extractable: true })
.then(k => jose.exportPKCS8(k as jose.CryptoKey)), .then(k => jose.exportPKCS8(k as jose.CryptoKey)),
loginResponseTemplate: { context: 'ignored' }, loginResponseTemplate: { context: 'ignored' },
}); });