From 48ad3dccdad012fc76a9062e357816ebe129fd2c Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Thu, 16 Sep 2021 09:57:47 +0200
Subject: [PATCH] outposts/proxy: remove deprecated rs256

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
---
 internal/outpost/proxyv2/application/application.go | 11 +----------
 1 file changed, 1 insertion(+), 10 deletions(-)

diff --git a/internal/outpost/proxyv2/application/application.go b/internal/outpost/proxyv2/application/application.go
index 094eceaf0..a83bebdcb 100644
--- a/internal/outpost/proxyv2/application/application.go
+++ b/internal/outpost/proxyv2/application/application.go
@@ -1,7 +1,6 @@
 package application
 
 import (
-	"context"
 	"crypto/tls"
 	"encoding/gob"
 	"net/http"
@@ -49,15 +48,7 @@ func NewApplication(p api.ProxyOutpostConfig, c *http.Client, cs *ak.CryptoStore
 		log.WithError(err).Warning("Failed to parse URL, skipping provider")
 	}
 
-	// Support for RS256, new proxy providers will use HS256 but old ones
-	// might not, and this makes testing easier
-	var ks oidc.KeySet
-	if contains(p.OidcConfiguration.IdTokenSigningAlgValuesSupported, "HS256") {
-		ks = hs256.NewKeySet(*p.ClientSecret)
-	} else {
-		ctx := context.WithValue(context.Background(), oauth2.HTTPClient, c)
-		oidc.NewRemoteKeySet(ctx, p.OidcConfiguration.JwksUri)
-	}
+	ks := hs256.NewKeySet(*p.ClientSecret)
 
 	var verifier = oidc.NewVerifier(p.OidcConfiguration.Issuer, ks, &oidc.Config{
 		ClientID:             *p.ClientId,