Update OIDC id_token_signing_alg_values_supported for wider algo support

Previously the message verification required RS256 with no other checks on algo. While technically RS256 MUST be supported, some implementations have abandoned it's use as insecure and instead require for example ES256 as a minimum baseline. This change slightly relaxes the check in a future compatible way while still making sure an actual alg is specified instead of `none`. ```python >>> bad = ["none"] >>> good = ["ES256"] >>> dodgy = ["none", "RS256"] >>> empty = [] >>> any(i.lower() != "none" for i in dodgy) True >>> any(i.lower() != "none" for i in empty) False >>> any(i.lower() != "none" for i in good) True >>> any(i.lower() != "none" for i in bad) False ```
IdentityPython · Sep 9, 2024 · 4a006fc · 4a006fc
1 parent 0290fb0
commit 4a006fc
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/src/idpyoidc/message/oidc/__init__.py b/src/idpyoidc/message/oidc/__init__.py
@@ -942,8 +942,11 @@ def verify(self, **kwargs):
                 "token_endpoint_auth_signing_alg_values_supported"
             )
 
-        if "RS256" not in self["id_token_signing_alg_values_supported"]:
-            raise ValueError("RS256 missing from id_token_signing_alg_values_supported")
+        # Check that any alg that is not "none" is supported.
+        # While OpenID Connect Core 1.0 says RS256 MUST be supported,
+        # reality has moved on and more modern alg values may be required.
+        if not any(i.lower() == "none" for i in self["id_token_signing_alg_values_supported"]):
+            raise ValueError("Secure signing algorithm (for example RS256 or ES256) missing from id_token_signing_alg_values_supported")
 
         if not parts.query and not parts.fragment:
             pass