X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/2d5acd199b059ec5d508ca967080f128dcd712f3..50cfc0a95cb5cedda0f8043f754a26afafe0a9db:/test/integration/oauth2_test.rb

diff --git a/test/integration/oauth2_test.rb b/test/integration/oauth2_test.rb
index 35893e4ab..3fe59cbdd 100644
--- a/test/integration/oauth2_test.rb
+++ b/test/integration/oauth2_test.rb
@@ -91,7 +91,7 @@ class OAuth2Test < ActionDispatch::IntegrationTest
     id_token = token["id_token"]
     assert_not_nil id_token
 
-    data, _headers = JWT.decode id_token, Doorkeeper::OpenidConnect.signing_key.public_key, true, {
+    data, _headers = JWT.decode id_token, nil, true, {
       :algorithm => [Doorkeeper::OpenidConnect.signing_algorithm.to_s],
       :verify_iss => true,
       :iss => "#{Settings.server_protocol}://#{Settings.server_url}",
@@ -99,7 +99,13 @@ class OAuth2Test < ActionDispatch::IntegrationTest
       :sub => user.id,
       :verify_aud => true,
       :aud => client.uid
-    }
+    } do |headers, _payload|
+      kid = headers["kid"]
+      get oauth_discovery_keys_path
+      keys = response.parsed_body["keys"]
+      jwk = keys&.detect { |e| e["kid"] == kid }
+      jwk && JWT::JWK::RSA.import(jwk).public_key
+    end
 
     assert_equal user.id.to_s, data["sub"]
     assert_not data.key?("preferred_username")
@@ -151,7 +157,6 @@ class OAuth2Test < ActionDispatch::IntegrationTest
     }.merge(options)
 
     get oauth_authorization_path(options)
-    assert_response :redirect
     assert_redirected_to login_path(:referer => request.fullpath)
 
     post login_path(:username => user.email, :password => "test")