From 8a9339e8d4cfb1d1b888e6c734394ad7d1b4ec59 Mon Sep 17 00:00:00 2001
From: Calvin Leung Huang <cleung2010@gmail.com>
Date: Mon, 17 Aug 2020 14:01:15 -0700
Subject: [PATCH] adding EdDSA (ed25519) to supported algorithms (#129) (#132)

Co-authored-by: Chris Hoffman <99742+chrishoffman@users.noreply.github.com>
---
 path_config.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/path_config.go b/path_config.go
index 46fa669f..ef6f71dd 100644
--- a/path_config.go
+++ b/path_config.go
@@ -17,6 +17,7 @@ import (
 	"github.com/hashicorp/vault/sdk/helper/strutil"
 	"github.com/hashicorp/vault/sdk/logical"
 	"golang.org/x/oauth2"
+	jose "gopkg.in/square/go-jose.v2"
 )
 
 const (
@@ -258,7 +259,7 @@ func (b *jwtAuthBackend) pathConfigWrite(ctx context.Context, req *logical.Reque
 	// default to e.g. "none".
 	for _, a := range config.JWTSupportedAlgs {
 		switch a {
-		case oidc.RS256, oidc.RS384, oidc.RS512, oidc.ES256, oidc.ES384, oidc.ES512, oidc.PS256, oidc.PS384, oidc.PS512:
+		case oidc.RS256, oidc.RS384, oidc.RS512, oidc.ES256, oidc.ES384, oidc.ES512, oidc.PS256, oidc.PS384, oidc.PS512, string(jose.EdDSA):
 		default:
 			return logical.ErrorResponse(fmt.Sprintf("Invalid supported algorithm: %s", a)), nil
 		}