[PR #5912] More flexible OIDC key support #6592

New Issue

Open

opened 2026-02-05 10:36:18 +03:00 by OVERLORD · 0 comments

OVERLORD commented 2026-02-05 10:36:18 +03:00

Owner

Copy Link

📋 Pull Request Information

Original PR: https://github.com/BookStackApp/BookStack/pull/5912
Author: @McTom234
Created: 11/23/2025
Status: 🔄 Open

Base: development ← Head: oidc-key-algorithms

---

📝 Commits (1)

• 743657d feat(auth/oidc): wider key algorithm support

📊 Changes

4 files changed (+34 additions, -7 deletions)

View changed files

📝 app/Access/Oidc/OidcJwtSigningKey.php (+14 -3)
➕ app/Access/Oidc/OidcJwtSigningKeyAlgorithm.php (+16 -0)
📝 app/Access/Oidc/OidcJwtWithClaims.php (+2 -2)
📝 app/Access/Oidc/OidcProviderSettings.php (+2 -2)

📄 Description

The goal of this PR is to allow more key algorithms for OIDC signing keys.

The concerns regarding such implementation in #5390 were considered. I try to address them by allowing a flexible, extensible, and somewhat maintainable approach, which I gratefully take feedback on and am willing to improve by the feedback provided.

Therefore, the issue with this PR is not the few lines of code changed but the architecture of how more key algorithms could be supported. For presentation reasons, I added the RS512 algorithm, which I had done before.
If the suggested approach would be considered by the maintainers, I needed some support to extend and test this with more common algorithms like ES256 as described in the issue mentioned above.

Besides that, the test suits would probably need at least a test case per key algorithm to confirm that the implementations are working, which is currently a ToDo.

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/BookStackApp/BookStack/pull/5912 **Author:** [@McTom234](https://github.com/McTom234) **Created:** 11/23/2025 **Status:** 🔄 Open **Base:** `development` ← **Head:** `oidc-key-algorithms` --- ### 📝 Commits (1) - [`743657d`](https://github.com/BookStackApp/BookStack/commit/743657dbace4f7eea2691211ee7de68bb1e74205) feat(auth/oidc): wider key algorithm support ### 📊 Changes **4 files changed** (+34 additions, -7 deletions) <details> <summary>View changed files</summary> 📝 `app/Access/Oidc/OidcJwtSigningKey.php` (+14 -3) ➕ `app/Access/Oidc/OidcJwtSigningKeyAlgorithm.php` (+16 -0) 📝 `app/Access/Oidc/OidcJwtWithClaims.php` (+2 -2) 📝 `app/Access/Oidc/OidcProviderSettings.php` (+2 -2) </details> ### 📄 Description The goal of this PR is to allow more key algorithms for OIDC signing keys. The concerns regarding such implementation in #5390 were considered. I try to address them by allowing a flexible, extensible, and somewhat maintainable approach, which I gratefully take feedback on and am willing to improve by the feedback provided. Therefore, the issue with this PR is not the few lines of code changed but the architecture of how more key algorithms could be supported. For presentation reasons, I added the RS512 algorithm, which I had done before. If the suggested approach would be considered by the maintainers, I needed some support to extend and test this with more common algorithms like ES256 as described in the issue mentioned above. Besides that, the test suits would probably need at least a test case per key algorithm to confirm that the implementations are working, which is currently a ToDo. --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

OVERLORD added the pull-request label 2026-02-05 10:36:18 +03:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

development

l10n_development

release

v26-03

ci_fixing

codeberg-actions

lexical_may_2026

MilnerMart/development

sort_rule_text

GamerClassN7/impersonations-for-admin

Zhey-on/feature/csp-image-css-controls-6033

tortillas5/development

clauvaldez/mfaReset

llm_only

vectors

McTom234/oidc-key-algorithms

docker_env

drawio_rendering

user_permissions

ldap_host_failover

svg_image

prosemirror

captcha_example

fix/video-export

v26.03.4

v26.03.3

v26.03.2

v26.03.1

v26.03

v25.12.9

v25.12.8

v25.12.7

v25.12.6

v25.12.5

v25.12.4

v25.12.3

v25.12.2

v25.12.1

v25.12

v25.11.6

v25.11.5

v25.11.4

v24.11.4

v25.11.3

v25.11.2

v25.11.1

v25.11

v25.07.3

v25.07.2

v25.07.1

v25.07

v25.05.2

v25.05.1

v25.05

v25.02.5

v25.02.4

v25.02.3

v25.02.2

v25.02.1

v25.02

v24.12.1

v24.12

v24.10.3

v24.10.2

v24.10.1

v24.10

v24.05.4

v24.05.3

v24.05.2

v24.05.1

v24.05

v24.02.3

v24.02.2

v24.02.1

v24.02

v23.12.3

v23.12.2

v23.12.1

v23.12

v23.10.4

v23.10.3

v23.10.2

v23.10.1

v23.10

v23.08.3

v23.08.2

v23.08.1

v23.08

v23.06.2

v23.06.1

v23.06

v23.05.2

v23.05.1

v23.05

v23.02.3

v23.02.2

v23.02.1

v23.02

v23.01.1

v23.01

v22.11.1

v22.11

v22.10.2

v22.10.1

v22.10

v22.09.1

v22.09

v22.07.3

v22.07.2

v22.07.1

v22.07

v22.06.2

v22.06.1

v22.06

v22.04.2

v22.04.1

v22.04

v22.03.1

v22.03

v22.02.3

v22.02.2

v22.02.1

v22.02

v21.12.5

v21.12.4

v21.12.3

v21.12.2

v21.12.1

v21.12

v21.11.3

v21.11.2

v21.11.1

v21.11

v21.10.3

v21.10.2

v21.10.1

v21.10

v21.08.6

v21.08.5

v21.08.4

v21.08.3

v21.08.2

v21.08.1

v21.08

v21.05.4

v21.05.3

v21.05.2

v21.05.1

v21.05

v21.04.6

v21.04.5

v21.04.4

v21.04.3

v21.04.2

v21.04.1

v21.04

v0.31.8

v0.31.7

v0.31.6

v0.31.5

v0.31.4

v0.31.3

v0.31.2

v0.31.1

v0.31.0

v0.30.7

v0.30.6

v0.30.5

v0.30.4

v0.30.3

v0.30.2

v0.30.1

v0.30.0

v0.29.3

v0.29.2

v0.29.1

v0.29.0

v0.28.3

v0.28.2

v0.28.1

v0.28.0

v0.27.5

v0.27.4

v0.27.3

v0.27.2

v0.27.1

v0.27

v0.26.4

v0.26.3

v0.26.2

v0.26.1

v0.26.0

v0.25.5

v0.25.4

v0.25.3

v0.25.2

v0.25.1

v0.25.0

v0.24.3

v0.24.2

v0.24.1

v0.24.0

v0.23.2

v0.23.1

v0.23.0

v0.22.0

v0.21.0

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.0

v0.18.5

v0.18.4

v0.18.3

v0.18.2

v0.18.1

v0.18.0

v0.17.4

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.3

v0.15.2

v0.15.1

v0.15.0

v0.14.3

v0.14.2

v0.14.1

v0.14.0

v0.13.1

v0.13.0

v0.12.2

v0.12.1

v0.12.0

v0.11.2

v0.11.1

v0.11.0

v0.10.0

v0.9.3

v0.9.2

v0.9.1

v0.9.0

v0.8.2

v0.8.1

v0.8.0

v0.7.6

v0.7.5

v0.7.4

v0.7.3

0.7.2

v.0.7.1

v0.7.0

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.0

Labels

Clear labels

🎨 Design

📖 Docs Update

🐛 Bug

🐛 Bug

:cat2:🐈 Possible duplicate

💿 Database

☕ Open to discussion

💻 Front-End

🐕 Support

🚪 Authentication

🌍 Translations

🔌 API Task

🏭 Back-End

⛲ Upstream

🔨 Feature Request

🛠️ Enhancement

🛠️ Enhancement

🛠️ Enhancement

❤️ Happy feedback

🔒 Security

🔍 Pending Validation

💆 UX

📝 WYSIWYG Editor

🌔 Out of scope

🔩 API Request

:octocat: Admin/Meta

🖌️ View Customization

❓ Question

🚀 Priority

🛡️ Blocked

🚚 Export System

♿ A11y

🔧 Maintenance

> Markdown Editor

pull-request

Mirrored from GitHub Pull Request

No Label pull-request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#6592