From 19721959f864cc9f427fee0b5717a26dd7d88c42 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?K=C3=A9vin=20Commaille?=
Date: Wed, 14 Sep 2022 18:17:51 +0200
Subject: [PATCH] Export list of supported algorithms from mas-jose
---
 crates/handlers/src/oauth2/discovery.rs | 25 +++++--------------------
 crates/jose/src/jwa/mod.rs | 17 +++++++++++++++++
 2 files changed, 22 insertions(+), 20 deletions(-)
diff --git a/crates/handlers/src/oauth2/discovery.rs b/crates/handlers/src/oauth2/discovery.rs
index 3ecaebab..878a9e09 100644
--- a/crates/handlers/src/oauth2/discovery.rs
+++ b/crates/handlers/src/oauth2/discovery.rs
@@ -13,13 +13,11 @@
 // limitations under the License.

 use axum::{extract::State, response::IntoResponse, Json};
-use mas_iana::{
- jose::JsonWebSignatureAlg,
- oauth::{
- OAuthAuthorizationEndpointResponseType, OAuthClientAuthenticationMethod,
- PkceCodeChallengeMethod,
- },
-};
+use mas_iana::oauth::{
+ OAuthAuthorizationEndpointResponseType, OAuthClientAuthenticationMethod,
+ PkceCodeChallengeMethod,
+};
+use mas_jose::jwa::SUPPORTED_SIGNING_ALGORITHMS;
 use mas_keystore::Keystore;
 use mas_router::UrlBuilder;
 use oauth2_types::{
@@ -43,20 +41,7 @@ pub(crate) async fn get(
 ]);

 // Those are the algorithms supported by `mas-jose`
- let client_auth_signing_alg_values_supported = Some(vec![
- JsonWebSignatureAlg::Hs256,
- JsonWebSignatureAlg::Hs384,
- JsonWebSignatureAlg::Hs512,
- JsonWebSignatureAlg::Rs256,
- JsonWebSignatureAlg::Rs384,
- JsonWebSignatureAlg::Rs512,
- JsonWebSignatureAlg::Ps256,
- JsonWebSignatureAlg::Ps384,
- JsonWebSignatureAlg::Ps512,
- JsonWebSignatureAlg::Es256,
- JsonWebSignatureAlg::Es384,
- JsonWebSignatureAlg::Es256K,
- ]);
+ let client_auth_signing_alg_values_supported = Some(SUPPORTED_SIGNING_ALGORITHMS.to_vec());

 // This is how we can sign stuff
 let jwt_signing_alg_values_supported = Some(key_store.available_signing_algorithms());
diff --git a/crates/jose/src/jwa/mod.rs b/crates/jose/src/jwa/mod.rs
index 3e64cb98..b6a398fc 100644
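Review bot: The comment above `client_auth_signing_alg_values_supported` in `get` (crates/handlers/src/oauth2/discovery.rs) still only says these are the algorithms `mas-jose` supports, but the discovery document now advertises whatever the crate-wide constant contains, including the symmetric `Hs256`/`Hs384`/`Hs512` entries. Judging by the name, this field presumably tells clients which algorithms they may use for JWT client authentication, so an algorithm added to `mas-jose` for any other reason would be advertised here automatically. I would extend the comment, e.g. `// Advertised for JWT client authentication; must match what the token endpoint actually accepts`, and confirm that the verification path is driven by the same constant rather than a separate list. The body of `get` starts and ends outside this hunk, so the enforcement side is not visible here.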
--- a/crates/jose/src/jwa/mod.rs
+++ b/crates/jose/src/jwa/mod.rs
@@ -12,6 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.

+use mas_iana::jose::JsonWebSignatureAlg;
 use sha2::{Sha256, Sha384, Sha512};

 mod asymmetric;
@@ -49,3 +50,19 @@ pub type Es384SigningKey = ecdsa::SigningKey;
 pub type Es384VerifyingKey = ecdsa::VerifyingKey;
 pub type Es256KSigningKey = ecdsa::SigningKey;
 pub type Es256KVerifyingKey = ecdsa::VerifyingKey;
+
+/// All the signing algorithms supported by this crate.
+pub const SUPPORTED_SIGNING_ALGORITHMS: [JsonWebSignatureAlg; 12] = [
+ JsonWebSignatureAlg::Hs256,
+ JsonWebSignatureAlg::Hs384,
+ JsonWebSignatureAlg::Hs512,
+ JsonWebSignatureAlg::Rs256,
+ JsonWebSignatureAlg::Rs384,
+ JsonWebSignatureAlg::Rs512,
+ JsonWebSignatureAlg::Ps256,
+ JsonWebSignatureAlg::Ps384,
+ JsonWebSignatureAlg::Ps512,
+ JsonWebSignatureAlg::Es256,
+ JsonWebSignatureAlg::Es384,
+ JsonWebSignatureAlg::Es256K,
+];
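Review bot: The array length is part of the public type of `SUPPORTED_SIGNING_ALGORITHMS` (`[JsonWebSignatureAlg; 12]`), so adding or removing an algorithm changes the constant's type for every downstream user. Declaring it as `pub const SUPPORTED_SIGNING_ALGORITHMS: &[JsonWebSignatureAlg] = &[ … ];` keeps the `.to_vec()` call in discovery.rs working and avoids that. The list is also maintained by hand next to the key type aliases, and nothing visible in this hunk keeps it in step with the algorithms the crate can actually sign and verify. A unit test that walks the list and checks each entry against the crate's signing and verifying code would catch an entry that is advertised but not accepted, or the reverse. The doc comment could additionally say that the list is what the OAuth discovery document advertises, so a future edit is made with that consequence in mind.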