The headless (Clojure) application I'm working on must check calls to its REST API bear a valid signed JWT token (direct client). Said token is delivered to callers by a private authentication service very similar to the one described here (Facebook OIDC). I'm trying to get Pac4j (6.0.0-RC7) to take this OIDC configuration and use the value from field jwks_urk to return whatever is necessary (supposedly an instance of org.pac4j.jwt.credentials.authenticator.JwtAuthenticator) to check token signatures.
Based on the Javadoc, source code, docs, and many examples I can either:
org.pac4j.oidc.config.OidcConfiguration but can't get a JwtAuthenticator out of it or get the value of jwks_uri.JwtAuthenticator based on the content of field jwks_uri that I've manually extracted from the OIDC config.Is there a path I'm missing that would get me an instance of JwtAuthenticator directly from the OIDC configuration URL ?
Currently, you can't instantiate a JwtAuthenticator directly from an OIDC configuration. You may want to use the JWKHelper.
Feel free to submit a PR to the project.