get jwks settings from config

configuration/local.yaml

@@ -3,3 +3,6 @@ application:
   base_url: "http://127.0.0.1"
 database:
   require_ssl: false
+jwks:
+  url: "http://localhost:8088/realms/test"
+  authority: "account"

src/config/jwks.rs

@@ -5,6 +5,7 @@ use jsonwebtoken::{
     DecodingKey, TokenData, Validation,
 };
 use serde::de::DeserializeOwned;
+use serde::Deserialize;
 use std::collections::HashMap;
 use thiserror::Error;
 use tracing::{debug, info};
@@ -69,8 +70,12 @@ impl Jwks {
                         },
                     );
                 }
-                _ => {
+                other => {
-                    info!(%kid,  "Ignoring unsupported key.")
+                    return Err(JwkError::UnexpectedAlgorithm {
+                        key_id: kid,
+                        algorithm: other.to_owned(),
+                    }
+                    .into())
                 }
             }
         }
@@ -156,3 +161,9 @@ pub(crate) enum JwkError {
         key_id: String,
     },
 }
+
+#[derive(Deserialize, Clone)]
+pub struct JwksSettings {
+    pub url: String,
+    pub authority: String,
+}

src/config/mod.rs

@@ -7,10 +7,13 @@ use app::ApplicationSettings;
 use database::DatabaseSettings;
 use serde::Deserialize;
 
+use self::jwks::JwksSettings;
+
 #[derive(Deserialize, Clone)]
 pub struct Settings {
     pub database: DatabaseSettings,
     pub application: ApplicationSettings,
+    pub jwks: JwksSettings,
 }
 
 pub fn get_configuration() -> Result<Settings, config::ConfigError> {

src/startup.rs

@@ -8,8 +8,7 @@ use std::net::TcpListener;
 pub async fn build(settings: Settings) -> anyhow::Result<()> {
     let api_context = ApiContext {
         db: settings.database.get_connection_pool(),
-        jwks: Jwks::from_authority("http://localhost:8088/realms/test", "account".to_string())
+        jwks: Jwks::from_authority(&settings.jwks.url, settings.jwks.authority).await?,
-            .await?,
     };
     let api_router = build_routes(api_context);
     let address = format!(