Allow multiple signing keys to be provided

Signed-off-by: Stephen Crawford <[email protected]>
stephen-crawford · Aug 16, 2024 · f5c708f · f5c708f
1 parent 54cd4e0
commit f5c708f
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 2 deletions.
diff --git a/...integrationTest/java/org/opensearch/security/http/JwtAuthenticationWithUrlParamTests.java b/...integrationTest/java/org/opensearch/security/http/JwtAuthenticationWithUrlParamTests.java
@@ -72,7 +72,10 @@ public class JwtAuthenticationWithUrlParamTests {
         "jwt",
         BASIC_AUTH_DOMAIN_ORDER - 1
     ).jwtHttpAuthenticator(
-        new JwtConfigBuilder().jwtUrlParameter(TOKEN_URL_PARAM).signingKey(List.of(PUBLIC_KEY)).subjectKey(CLAIM_USERNAME).rolesKey(CLAIM_ROLES)
+        new JwtConfigBuilder().jwtUrlParameter(TOKEN_URL_PARAM)
+            .signingKey(List.of(PUBLIC_KEY))
+            .subjectKey(CLAIM_USERNAME)
+            .rolesKey(CLAIM_ROLES)
     ).backend("noop");
 
     @Rule

diff --git a/src/integrationTest/java/org/opensearch/test/framework/TestSecurityConfig.java b/src/integrationTest/java/org/opensearch/test/framework/TestSecurityConfig.java
@@ -815,7 +815,7 @@ public static class AuthcDomain implements ToXContentObject {
         ).httpAuthenticator("basic").backend("internal");
 
         public final static AuthcDomain JWT_AUTH_DOMAIN = new TestSecurityConfig.AuthcDomain("jwt", 1).jwtHttpAuthenticator(
-            new JwtConfigBuilder().jwtHeader(AUTHORIZATION).signingKey(PUBLIC_KEY)
+            new JwtConfigBuilder().jwtHeader(AUTHORIZATION).signingKey(List.of(PUBLIC_KEY))
         ).backend("noop");
 
         private final String id;