nextcloud/lib/private/OCM/OCMJwksHandler.php

<?php

declare(strict_types=1);

/**
 * SPDX-FileCopyrightText: 2026 Nextcloud GmbH and Nextcloud contributors
 * SPDX-License-Identifier: AGPL-3.0-or-later
 */

namespace OC\OCM;

use OCP\AppFramework\Http\JSONResponse;
use OCP\Http\WellKnown\GenericResponse;
use OCP\Http\WellKnown\IHandler;
use OCP\Http\WellKnown\IRequestContext;
use OCP\Http\WellKnown\IResponse;
use OCP\IAppConfig;
use Psr\Log\LoggerInterface;
use Throwable;

/** Serves `/.well-known/jwks.json` (RFC 7517) with the OCM signing keys. */
class OCMJwksHandler implements IHandler {
	public function __construct(
		private readonly IAppConfig $appConfig,
		private readonly OCMSignatoryManager $signatoryManager,
		private readonly LoggerInterface $logger,
	) {
	}

	#[\Override]
	public function handle(string $service, IRequestContext $context, ?IResponse $previousResponse): ?IResponse {
		if ($service !== 'jwks.json') {
			return $previousResponse;
		}

		$keys = [];
		if (!$this->appConfig->getValueBool('core', OCMSignatoryManager::APPCONFIG_SIGN_DISABLED, lazy: true)) {
			try {
				foreach ($this->signatoryManager->getLocalJwks() as $jwk) {
					$keys[] = $jwk;
				}
			} catch (Throwable $e) {
				$this->logger->warning('failed to build local JWKs', ['exception' => $e]);
			}
		}

		return new GenericResponse(new JSONResponse(['keys' => $keys]));
	}
}
feat(http-sig): OCM Ed25519 keys, JWKS endpoint, http-sig capability OCM dual-stack integration of RFC 9421 alongside the existing cavage publicKey path: - OCMSignatoryManager: Ed25519 active/pending/retiring slot rotation backed by numbered pool appkeys, getRemoteKey for inbound JWK lookup with per-origin cache + cache-miss refetch, and getLocalEd25519Jwks for the JWKS endpoint. - Rfc9421SignatoryManager: per-call wrapper that swaps in the Ed25519 signatory and toggles `rfc9421.format`. - OCMJwksHandler: serves /.well-known/jwks.json (RFC 7517) when signing is enabled. - OCMDiscoveryService: advertises `http-sig` in capabilities when signing is enabled, and picks the signature scheme on outbound based on the remote's advertised capabilities. - Application.php: register the JWKS well-known handler. Signed-off-by: Micke Nordin <kano@sunet.se> 2026-05-05 10:29:45 -04:00			`<?php`

			`declare(strict_types=1);`

			`/**`
			`* SPDX-FileCopyrightText: 2026 Nextcloud GmbH and Nextcloud contributors`
			`* SPDX-License-Identifier: AGPL-3.0-or-later`
			`*/`

			`namespace OC\OCM;`

			`use OCP\AppFramework\Http\JSONResponse;`
			`use OCP\Http\WellKnown\GenericResponse;`
			`use OCP\Http\WellKnown\IHandler;`
			`use OCP\Http\WellKnown\IRequestContext;`
			`use OCP\Http\WellKnown\IResponse;`
			`use OCP\IAppConfig;`
			`use Psr\Log\LoggerInterface;`
			`use Throwable;`

fix: Make sodium optional This commit switches the default signature algorithm to ecdsa-p256-sha256 instead of Ed25519. This allows us to make sodium optional again, and we only pull it in to use it for verifying incomming signatures. If sodium is not installed, we throw on Ed25519 signatures instead. At least it is easy for most people to make their Nextcloud install fully RFC compliant by installing sodium. I also renamed all the Ed25519 function names to be more precis, using Jwks for the JSON Web Keys, and RFC9421 for the http-signature code, where it is needed to distinguish from draft-cavage signatures. Signed-off-by: Micke Nordin <kano@sunet.se> 2026-05-11 10:13:13 -04:00			/** Serves `/.well-known/jwks.json` (RFC 7517) with the OCM signing keys. */
feat(http-sig): OCM Ed25519 keys, JWKS endpoint, http-sig capability OCM dual-stack integration of RFC 9421 alongside the existing cavage publicKey path: - OCMSignatoryManager: Ed25519 active/pending/retiring slot rotation backed by numbered pool appkeys, getRemoteKey for inbound JWK lookup with per-origin cache + cache-miss refetch, and getLocalEd25519Jwks for the JWKS endpoint. - Rfc9421SignatoryManager: per-call wrapper that swaps in the Ed25519 signatory and toggles `rfc9421.format`. - OCMJwksHandler: serves /.well-known/jwks.json (RFC 7517) when signing is enabled. - OCMDiscoveryService: advertises `http-sig` in capabilities when signing is enabled, and picks the signature scheme on outbound based on the remote's advertised capabilities. - Application.php: register the JWKS well-known handler. Signed-off-by: Micke Nordin <kano@sunet.se> 2026-05-05 10:29:45 -04:00			`class OCMJwksHandler implements IHandler {`
			`public function __construct(`
			`private readonly IAppConfig $appConfig,`
			`private readonly OCMSignatoryManager $signatoryManager,`
			`private readonly LoggerInterface $logger,`
			`) {`
			`}`

			`#[\Override]`
			`public function handle(string $service, IRequestContext $context, ?IResponse $previousResponse): ?IResponse {`
			`if ($service !== 'jwks.json') {`
			`return $previousResponse;`
			`}`

			`$keys = [];`
			`if (!$this->appConfig->getValueBool('core', OCMSignatoryManager::APPCONFIG_SIGN_DISABLED, lazy: true)) {`
			`try {`
fix: Make sodium optional This commit switches the default signature algorithm to ecdsa-p256-sha256 instead of Ed25519. This allows us to make sodium optional again, and we only pull it in to use it for verifying incomming signatures. If sodium is not installed, we throw on Ed25519 signatures instead. At least it is easy for most people to make their Nextcloud install fully RFC compliant by installing sodium. I also renamed all the Ed25519 function names to be more precis, using Jwks for the JSON Web Keys, and RFC9421 for the http-signature code, where it is needed to distinguish from draft-cavage signatures. Signed-off-by: Micke Nordin <kano@sunet.se> 2026-05-11 10:13:13 -04:00			`foreach ($this->signatoryManager->getLocalJwks() as $jwk) {`
feat(http-sig): OCM Ed25519 keys, JWKS endpoint, http-sig capability OCM dual-stack integration of RFC 9421 alongside the existing cavage publicKey path: - OCMSignatoryManager: Ed25519 active/pending/retiring slot rotation backed by numbered pool appkeys, getRemoteKey for inbound JWK lookup with per-origin cache + cache-miss refetch, and getLocalEd25519Jwks for the JWKS endpoint. - Rfc9421SignatoryManager: per-call wrapper that swaps in the Ed25519 signatory and toggles `rfc9421.format`. - OCMJwksHandler: serves /.well-known/jwks.json (RFC 7517) when signing is enabled. - OCMDiscoveryService: advertises `http-sig` in capabilities when signing is enabled, and picks the signature scheme on outbound based on the remote's advertised capabilities. - Application.php: register the JWKS well-known handler. Signed-off-by: Micke Nordin <kano@sunet.se> 2026-05-05 10:29:45 -04:00			`$keys[] = $jwk;`
			`}`
			`} catch (Throwable $e) {`
fix: Make sodium optional This commit switches the default signature algorithm to ecdsa-p256-sha256 instead of Ed25519. This allows us to make sodium optional again, and we only pull it in to use it for verifying incomming signatures. If sodium is not installed, we throw on Ed25519 signatures instead. At least it is easy for most people to make their Nextcloud install fully RFC compliant by installing sodium. I also renamed all the Ed25519 function names to be more precis, using Jwks for the JSON Web Keys, and RFC9421 for the http-signature code, where it is needed to distinguish from draft-cavage signatures. Signed-off-by: Micke Nordin <kano@sunet.se> 2026-05-11 10:13:13 -04:00			`$this->logger->warning('failed to build local JWKs', ['exception' => $e]);`
feat(http-sig): OCM Ed25519 keys, JWKS endpoint, http-sig capability OCM dual-stack integration of RFC 9421 alongside the existing cavage publicKey path: - OCMSignatoryManager: Ed25519 active/pending/retiring slot rotation backed by numbered pool appkeys, getRemoteKey for inbound JWK lookup with per-origin cache + cache-miss refetch, and getLocalEd25519Jwks for the JWKS endpoint. - Rfc9421SignatoryManager: per-call wrapper that swaps in the Ed25519 signatory and toggles `rfc9421.format`. - OCMJwksHandler: serves /.well-known/jwks.json (RFC 7517) when signing is enabled. - OCMDiscoveryService: advertises `http-sig` in capabilities when signing is enabled, and picks the signature scheme on outbound based on the remote's advertised capabilities. - Application.php: register the JWKS well-known handler. Signed-off-by: Micke Nordin <kano@sunet.se> 2026-05-05 10:29:45 -04:00			`}`
			`}`

			`return new GenericResponse(new JSONResponse(['keys' => $keys]));`
			`}`
			`}`