From 84cf50f2fca7f472ae03b334a772caa1f158beda Mon Sep 17 00:00:00 2001
From: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Date: Sun, 7 Jan 2024 20:06:03 +0000
Subject: [PATCH] backport of commit ee0ccea547ae6a6c3c097e67903d5cc2b9184f2a
---
 changelog/24697.txt | 3 +++
 ui/app/models/auth-config/jwt.js | 30 +++++++++++++++++++++++++++++-
 2 files changed, 32 insertions(+), 1 deletion(-)
 create mode 100644 changelog/24697.txt
diff --git a/changelog/24697.txt b/changelog/24697.txt
new file mode 100644
index 000000000000..49492d19b290
--- /dev/null
+++ b/changelog/24697.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+ui: Fixes input for jwks_ca_pem when configuring a JWT auth method
+```
\ No newline at end of file
diff --git a/ui/app/models/auth-config/jwt.js b/ui/app/models/auth-config/jwt.js
index e1e0db56b7e7..796447bec54c 100644
--- a/ui/app/models/auth-config/jwt.js
+++ b/ui/app/models/auth-config/jwt.js
@@ -24,12 +24,31 @@ export default AuthConfig.extend({
 oidcClientSecret: attr('string', {
 label: 'OIDC client secret',
 }),
+
 oidcDiscoveryCaPem: attr('string', {
 label: 'OIDC discovery CA PEM',
 editType: 'file',
 helpText:
 'The CA certificate or chain of certificates, in PEM format, to use to validate connections to the OIDC Discovery URL. If not set, system certificates are used',
 }),
+
+ jwksCaPem: attr('string', {
+ label: 'JWKS CA PEM',
+ editType: 'file',
+ }),
+
+ jwksUrl: attr('string', {
+ label: 'JWKS URL',
+ }),
+
+ oidcResponseMode: attr('string', {
+ label: 'OIDC response mode',
+ }),
+
+ oidcResponseTypes: attr('string', {
+ label: 'OIDC response types',
+ }),
+
 jwtValidationPubkeys: attr({
 label: 'JWT validation public keys',
 editType: 'stringArray',
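Review bot: `jwksCaPem` is added as a file input with no `helpText`, although it is the trust anchor for fetching signing keys and the neighbouring `oidcDiscoveryCaPem` spells out what its CA validates and what happens when it is left empty. I would add the parallel text, `helpText: 'The CA certificate or chain of certificates, in PEM format, to use to validate connections to the JWKS URL. If not set, system certificates are used',`, assuming the backend falls back to system certificates in the same way. `oidcResponseTypes` is plural but declared `attr('string')`; if the backend takes a list, the `editType: 'stringArray'` form used by `jwtValidationPubkeys` just below would be the consistent choice, which is worth confirming. The `AuthConfig.extend({` body starts and ends outside this hunk.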
@@ -38,14 +57,23 @@ export default AuthConfig.extend({
 jwtSupportedAlgs: attr({
 label: 'JWT supported algorithms',
 }),
+
 boundIssuer: attr('string', {
 helpText: 'The value against which to match the iss claim in a JWT',
 }),
+
 fieldGroups: computed('constructor.modelName', 'newFields', function () {
 const type = this.constructor.modelName.split('/')[1].toUpperCase();
 let groups = [
 {
- default: ['oidcDiscoveryUrl', 'defaultRole'],
+ default: [
+ 'oidcDiscoveryUrl',
+ 'defaultRole',
+ 'jwksCaPem',
+ 'jwksUrl',
+ 'oidcResponseMode',
+ 'oidcResponseTypes',
+ ],
 },
 {
 [`${type} Options`]: [
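Review bot: The `default` group now shows `jwksUrl` directly beside `oidcDiscoveryUrl` with nothing telling the operator that these are alternative key sources; as far as I know the JWT config endpoint accepts only one of them (or static public keys), so filling in both would surface only as a save error. A comment above the array such as `// oidcDiscoveryUrl and jwksUrl are alternative key sources; only one should be set` would record that for the next maintainer. I would also list `'jwksUrl'` before `'jwksCaPem'` so the CA input reads as belonging to the URL it validates. `fieldGroups` continues past the end of the hunk, so which fields the `${type} Options` group holds is not visible here.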