From ea9a852ac11d19b74a93d1aa8f5cd888a49b8a6d Mon Sep 17 00:00:00 2001
From: Flytiger <841289699@qq.com>
Date: Mon, 28 Nov 2022 16:11:20 +0800
Subject: [PATCH] support ES256&ES512 alg

---
 lib/resty/openidc.lua | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/resty/openidc.lua b/lib/resty/openidc.lua
index cb78c05..b854359 100644
--- a/lib/resty/openidc.lua
+++ b/lib/resty/openidc.lua
@@ -930,13 +930,14 @@ end
 local function is_algorithm_supported(jwt_header)
   return jwt_header and jwt_header.alg and (jwt_header.alg == "none"
       or string.sub(jwt_header.alg, 1, 2) == "RS"
+      or string.sub(jwt_header.alg, 1, 2) == "ES"
       or string.sub(jwt_header.alg, 1, 2) == "HS")
 end
 
 -- is the JWT signing algorithm an asymmetric one whose key might be
 -- obtained from the discovery endpoint?
 local function uses_asymmetric_algorithm(jwt_header)
-  return string.sub(jwt_header.alg, 1, 2) == "RS"
+  return string.sub(jwt_header.alg, 1, 2) == "RS" or string.sub(jwt_header.alg, 1, 2) == "ES"
 end
 
 -- is the JWT signing algorithm one that has been expected?