add access token verifier ops to openidProvider #221

Merged
merged 1 commit into from
Sep 30, 2022


muir
Contributor

@muir muir commented Sep 28, 2022

For various reasons, I'm not using RS256. While RelyingParty had a way to specify that other algs could be used, OpenIDProvider did not. This change adds the ability to use other crypto algorithms.

Just as an aside, why not have the default accept more algorithms? RS384, RS512, ES256, ES384, ES512 at least.

@codecov

codecov bot commented Sep 28, 2022

Codecov Report

Merging #221 (5ed243a) into main (0e7949b) will decrease coverage by 0.06%.
The diff coverage is 0.00%.

@@            Coverage Diff             @@
##             main     #221      +/-   ##
==========================================
- Coverage   12.47%   12.41%   -0.07%     
==========================================
  Files          41       41              
  Lines        3263     3279      +16     
==========================================
  Hits          407      407              
- Misses       2845     2861      +16     
  Partials       11       11              
Impacted Files Coverage Δ
pkg/op/op.go 0.00% <0.00%> (ø)
pkg/op/verifier_access_token.go 0.00% <0.00%> (ø)
pkg/oidc/userinfo.go 39.62% <0.00%> (-0.51%) ⬇️
pkg/oidc/introspection.go 0.00% <0.00%> (ø)


@livio-a
Member

livio-a commented Sep 30, 2022

> Just as an aside, why not have the default accept more algorithms? RS384, RS512, ES256, ES384, ES512 at least.

I think RS256 was just a default because the OIDC spec defines it as must-be-supported and as the default if not provided (e.g. by id_token_signed_response_alg in the discovery, ...) for id_tokens.

@livio-a livio-a merged commit 328d0e1 into zitadel:main Sep 30, 2022
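
An added example, not part of the PR or the zitadel/oidc code base: the kind of signing-algorithm allowlist discussed in this thread, with RS256 as the default and other algorithms accepted only when configured. `AlgVerifier`, `NewAlgVerifier`, `CheckAlg` and `FakeToken` are hypothetical names, and the tokens are constructed and unsigned.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// AlgVerifier is a hypothetical name for this example, not the zitadel/oidc API.
type AlgVerifier struct{ supported map[string]bool }

// NewAlgVerifier accepts only RS256 unless the caller lists other algorithms.
func NewAlgVerifier(algs ...string) *AlgVerifier {
	if len(algs) == 0 {
		algs = []string{"RS256"}
	}
	v := &AlgVerifier{supported: map[string]bool{}}
	for _, a := range algs {
		v.supported[a] = true
	}
	return v
}

// CheckAlg rejects a compact JWS whose header alg is outside the allowlist.
// It is a gate before signature verification, not a replacement for it.
func (v *AlgVerifier) CheckAlg(token string) error {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return fmt.Errorf("not a compact JWS: %d parts", len(parts))
	}
	var hdr struct{ Alg string `json:"alg"` }
	raw, err := base64.RawURLEncoding.DecodeString(parts[0])
	if err != nil || json.Unmarshal(raw, &hdr) != nil {
		return fmt.Errorf("malformed JOSE header")
	}
	// Exact, case-sensitive match: "none", "" and "rs256" all fail here.
	if !v.supported[hdr.Alg] {
		return fmt.Errorf("alg %q not in allowlist", hdr.Alg)
	}
	return nil
}

// FakeToken builds a constructed, unsigned token carrying only an alg header.
func FakeToken(alg string) string {
	return base64.RawURLEncoding.EncodeToString([]byte(`{"alg":"`+alg+`"}`)) + ".e30.c2ln"
}

func main() {
	fmt.Println(NewAlgVerifier("RS256", "ES256").CheckAlg(FakeToken("none")))
}
```
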
@github-actions

🎉 This PR is included in version 1.9.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀
