Loading...

XML

Word

Printable

Type: Story
Resolution: Done
Priority: Normal
Fix Version/s: None
Affects Version/s: None
Component/s: Back Office Proxy
Labels:
- platform-accessmanagement

Activity Type:
Quality / Stability / Reliability
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Acceptance Criteria:
None
BZ requires_doc_text:
Unset
Regression:
None
BZ Keywords:
- Unset
Intelligence Requested:
Market:
PX Impact Score:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Create new /jwk endpoint in bop
This endpoint will require a kid as input
mbop example: https://github.com/RedHatInsights/mbop/blob/16835a13ace135bcc556f8a7cf66ccdf6032c9aa/internal/handlers/jwt_v1_handler.go#L23

It will reach out to sso /certs endpoint: https://sso.stage.redhat.com/auth/realms/redhat-external/protocol/openid-connect/certs , this returns a list and we match on the kid
Grab the x5c data from the matched object and convert to pem data
https://www.npmjs.com/package/jwk-to-pem (or similar)

Return this pem data (base64 encoded, similar to https://sso.stage.redhat.com/auth/realms/redhat-external/ public_key)

Extra notes: https://docs.google.com/document/d/1_gDfjkwvuLAEMS0l1MKd-MMbr6BbeqVPxRYVOeOHSHM/edit?tab=t.lh7tyl8wi25t

Assignee:: Jay Zeng

Reporter:: Ashley Morgan

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2025/12/18 5:26 PM

Updated:: 2026/01/05 3:16 PM

Resolved:: 2025/12/22 5:59 PM