JWT Signature Validation: missing `kid` leads to invalid key error about oidc HOT 2 CLOSED

Hi @moximoti

Thanks for the feedback about the library 😃 and the bug!

I knew the library was no able to validate the signature if no kid is in the header but multiple keys are in the key set without kid (which is spec compliant).
Apparently it's also not able to validate if kid is only missing in the header but not key set.

I should be able to provide you with a fix by tomorrow evening.

from oidc.

Hey @moximoti

I just created a PR which would change the following:

• FindKey is deprecated in favor of FindMatchingKey which will return an error (ErrKeyNone / ErrKeyMultiple) instead of just the bool
• FindKey will wrap the new FindMatchingKey method to get the changes for finding keys without kid
• FindMatchingKey will iterate through the keys and now check for:
  • use and if alg header matches the key type
  • then if kid exact match and are not empty, the key is taken
  • or if either kid is empty, the key is appended to the possible keys
• I refactored the VerifySignature of remoteKeySet into multiple methods, in combination with the changes of FindMatching Key, it will now:
  • check for cached keys and if empty, use remote keys directly
  • if a single cached key matches, try to verify the signature
  • on error it will check if kid was empty and then check for new remote keys
  • the remote key check in this case can be disabled by passing SkipRemoteCheck into NewRemoteKeySet

This should solve your problem and you could even set the SkipRemoteCheck option if there's only a single key without key rotation.

I will retest the OIDC RP Certification later today and check if there's any other spec violation.

from oidc.