socialde.pt
+4
README.md
+4
README.md
···
448
448
'disabled' => false,
449
449
'prefix' => '/atp/oauth/',
450
450
'private_key' => env('ATP_OAUTH_PRIVATE_KEY'),
451
+
'kid' => env('ATP_OAUTH_KID', 'atp-client-key'),
451
452
],
452
453
453
454
// HTTP client settings
···
468
469
ATP_CLIENT_URL="https://myapp.com"
469
470
ATP_CLIENT_REDIRECT_URI="https://myapp.com/auth/atp/callback"
470
471
ATP_OAUTH_PRIVATE_KEY="base64-encoded-private-key"
472
+
ATP_OAUTH_KID="atp-client-key"
471
473
ATP_REFRESH_THRESHOLD=300
472
474
ATP_HTTP_TIMEOUT=30
473
475
```
476
+
477
+
The `ATP_OAUTH_KID` is the Key ID used in your JWKS endpoint. Some developers may require this to match a specific value. The default is `atp-client-key`.
474
478
475
479
## Credential Storage
476
480
+2
-1
config/client.php
+2
-1
config/client.php
···
70
70
'disabled' => env('ATP_OAUTH_DISABLED', false),
71
71
'prefix' => env('ATP_OAUTH_PREFIX', '/atp/oauth/'),
72
72
'private_key' => env('ATP_OAUTH_PRIVATE_KEY'),
73
+
'kid' => env('ATP_OAUTH_KID', 'atp-client-key'),
73
74
'scope' => env('ATP_OAUTH_SCOPE', 'atproto transition:generic'),
74
75
75
76
'client_metadata' => [
···
96
97
'sleep' => env('ATP_HTTP_RETRY_SLEEP', 100),
97
98
],
98
99
],
99
-
];
100
+
];
+2
-1
src/Crypto/JsonWebKeySet.php
+2
-1
src/Crypto/JsonWebKeySet.php
···
19
19
public static function load(): static
20
20
{
21
21
$key = \SocialDept\AtpClient\Auth\OAuthKey::load();
22
+
$kid = config('client.oauth.kid', 'key-1');
22
23
23
-
return (new static)->addKey($key->toJWK()->asPublic());
24
+
return (new static)->addKey($key->toJWK()->withKid($kid)->asPublic());
24
25
}
25
26
26
27
/**