gatekeeper: [Update to 2.9.1] ID token signed with an unsupported algorithm

Summary

Hi @p53, after the update to 2.9.1, I’m facing an issue with the ID token, and the proxy mentioned that the signature algorithm is not supported. I’m running Keycloak with default settings, and I’ve already tried to adjust the client settings and signature algorithm on the Keycloak side to a listed algorithm (error message). After changing the algorithm, the issue persists. The corresponding error occurs after the update from Gatekeeper version 2.9.0 to 2.9.1. Have you changed something related to the signature algorithm?

Environment

  • OS: Debian 10 Buster
  • Kernel: Linux 4.19.0-24-amd64
  • Go: 1.20
  • Server: Keycloak 23.0.1 (behind an Apache2 reverse proxy)
  • Gatekeeper: 2.9.1

Expected Results

The calls should work as expected and deliver the same result as with version 2.9.0 of the gatekeeper.

Actual Results

refresh token failed verification {"error": "invalid token signature\noidc: id token signed with unsupported algorithm, expected [\"PS384\" \"ES384\" \"RS384\" \"ES256\" \"RS256\" \"ES512\" \"PS256\" \"PS512\" \"RS512\"] got \"HS256\""}

About this issue

  • State: closed
  • Created 7 months ago
  • Comments: 18
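
To find out which token actually carries the rejected `HS256` header, the following added example (not gatekeeper's or go-oidc's code) reads the `alg` field of a compact JWT without verifying it and compares it against the list from the error message. The function names and the sample tokens are constructed for illustration.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// supportedAlgs is the list printed in the error message quoted in the issue.
var supportedAlgs = map[string]bool{
	"PS384": true, "ES384": true, "RS384": true, "ES256": true, "RS256": true,
	"ES512": true, "PS256": true, "PS512": true, "RS512": true,
}

// TokenAlg returns the "alg" JOSE header of a compact JWS (diagnostic only, no signature check).
func TokenAlg(token string) (string, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return "", fmt.Errorf("not a compact JWS: got %d parts, want 3", len(parts))
	}
	raw, err := base64.RawURLEncoding.DecodeString(strings.TrimRight(parts[0], "="))
	if err != nil {
		return "", fmt.Errorf("header is not base64url: %w", err)
	}
	var hdr struct {
		Alg string `json:"alg"`
	}
	if err := json.Unmarshal(raw, &hdr); err != nil || hdr.Alg == "" {
		return "", fmt.Errorf("header has no readable alg (json error: %v)", err)
	}
	return hdr.Alg, nil
}

// Accepted reports whether alg is in the list from the error message.
func Accepted(alg string) bool { return supportedAlgs[alg] }

// makeToken builds a constructed sample token with a placeholder signature.
func makeToken(alg string) string {
	enc := base64.RawURLEncoding.EncodeToString
	return enc([]byte(`{"alg":"`+alg+`","typ":"JWT"}`)) + "." + enc([]byte(`{"sub":"sample"}`)) + ".c2ln"
}

func main() {
	for name, tok := range map[string]string{"id_token": makeToken("RS256"), "refresh_token": makeToken("HS256")} {
		alg, err := TokenAlg(tok)
		fmt.Printf("%-13s alg=%s accepted=%v err=%v\n", name, alg, Accepted(alg), err)
	}
}
```

Running it against the ID, access and refresh tokens from a failing session shows which one the verifier is being handed when the error is logged.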

Most upvoted comments

It’s working with 2.9.3-rc2, thank you.

@p53 I’ve tested 2.9.3-rc1 and can confirm that it works on my side as expected. Thank you.