func resolveJWTIssuerJWKS()

in appconfigmgrv2/controllers/istio_policies.go [133:158]

• 23 lines of code
• 5 McCabe index (conditional complexity)

func resolveJWTIssuerJWKS(spec *appconfig.AppEnvConfigTemplateJWT) (issuer string, jwksUri string, err error) {
	switch typ := spec.Type; typ {
	case "google":
		issuer = "https://accounts.google.com"
		jwksUri = "https://www.googleapis.com/oauth2/v3/certs"
	case "firebase":
		const projectParam = "project"
		errParams := fmt.Errorf("missing required param: %v", projectParam)

		ps := spec.Params
		if ps == nil {
			return "", "", errParams
		}
		proj, ok := ps[projectParam]
		if !ok {
			return "", "", errParams
		}

		issuer = fmt.Sprintf("https://securetoken.google.com/%s", proj)
		jwksUri = "https://www.googleapis.com/service_accounts/v1/jwk/securetoken@system.gserviceaccount.com"
	default:
		return "", "", fmt.Errorf("unrecognized jwt auth type: %v", typ)
	}

	return
}