feat(providers): expose openid-client options client and jwks (#2717)

balazsorban44 · web-flow · commit 50e6a64832c3 · 2021-09-28T17:32:47.000+02:00
diff --git a/src/providers/oauth.ts b/src/providers/oauth.ts
@@ -5,10 +5,12 @@ import {
   AuthorizationParameters,
   CallbackParamsType,
   Client,
+  ClientMetadata,
   IssuerMetadata,
   OAuthCallbackChecks,
   OpenIDCallbackChecks,
 } from "openid-client"
+import { JSONWebKeySet } from "jose"
 
 export type { OAuthProviderType } from "./oauth-types"
 
@@ -107,6 +109,8 @@ export interface OAuthConfig<P> extends CommonProviderOptions, PartialIssuer {
   version?: string
   profile?: (profile: P, tokens: TokenSet) => Awaitable<User & { id: string }>
   checks?: ChecksType | ChecksType[]
+  client?: Partial<ClientMetadata>
+  jwks?: JSONWebKeySet
   clientId?: string
   clientSecret?:
     | string
diff --git a/src/server/lib/oauth/client.ts b/src/server/lib/oauth/client.ts
@@ -23,11 +23,15 @@ export async function openidClient(options: InternalOptions<"oauth">) {
     })
   }
 
-  const client = new issuer.Client({
-    client_id: provider.clientId,
-    client_secret: provider.clientSecret,
-    redirect_uris: [provider.callbackUrl],
-  })
+  const client = new issuer.Client(
+    {
+      client_id: provider.clientId,
+      client_secret: provider.clientSecret,
+      redirect_uris: [provider.callbackUrl],
+      ...provider.client,
+    },
+    provider.jwks
+  )
 
   return client
 }
