fix: could not reuse a signing key otherwise it would create in accounts & orders and fail the OIDC challenge. The OIDC challenge was not retryable

pull/1671/head
beltram 9 months ago committed by Herman Slatman
parent 83f76433a8
commit 13df461e97
No known key found for this signature in database
GPG Key ID: F4D8A44EA0A75A4F

@ -447,11 +447,13 @@ func wireOIDC01Validate(ctx context.Context, ch *Challenge, db DB, jwk *jose.JSO
return WrapErrorISE(err, "Could not find current order by account id")
}
if len(orders) != 1 {
return WrapErrorISE(err, "There are too many orders for this account for this custom OIDC challenge")
if len(orders) == 0 {
return WrapErrorISE(err, "There are not enough orders for this account for this custom OIDC challenge")
}
if err := db.CreateOidcToken(ctx, orders[0], oidcToken); err != nil {
order := orders[len(orders)]
if err := db.CreateOidcToken(ctx, order, oidcToken); err != nil {
return WrapErrorISE(err, "Failed storing OIDC id token")
}
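Review bot: `order := orders[len(orders)]` indexes one past the end of the slice, so it panics with an index-out-of-range error whenever execution reaches it with a non-empty `orders`; the last element is `order := orders[len(orders)-1]`. The `len(orders) == 0` branch passes `err` to `WrapErrorISE`, but `err` is necessarily nil there because the non-nil case has already returned just above, so the resulting error has no cause and may not behave as intended; an error constructor that takes only a message would fit better, if the package provides one. Taking the last order also assumes the lookup returns orders in creation order, which the hunk does not show. Because the OIDC id token is stored against that order, state the ordering guarantee in a comment, or select the order that this challenge actually belongs to. wireOIDC01Validate starts and ends outside the hunk.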
