func (c *Client) VerifyJWT(jwt jose.JWT) error {
var keysFunc func() []key.PublicKey
if kID, ok := jwt.KeyID(); ok {
keysFunc = c.keysFuncWithID(kID)
} else {
keysFunc = c.keysFuncAll()
}
v := NewJWTVerifier(
c.providerConfig.Issuer,
c.credentials.ID,
c.maybeSyncKeys, keysFunc)
return v.Verify(jwt)
}
func (c *Client) VerifyJWTForClientID(jwt jose.JWT, clientID string) error {
var keysFunc func() []key.PublicKey
if kID, ok := jwt.KeyID(); ok {
keysFunc = c.keysFuncWithID(kID)
} else {
keysFunc = c.keysFuncAll()
}
v := oidc.NewJWTVerifier(
c.providerConfig.Get().Issuer.String(),
clientID,
c.maybeSyncKeys, keysFunc)
return v.Verify(jwt)
}
