I want to use OpenID Connect server and want to use JWTs for Client Authentication:
POST /token.oauth2 HTTP/1.1
Host: as.example.com
Content-Type: application/x-www-form-urlencoded
grant_type=authorization_code&
code=n0esc3NRze7LTCu7iYzS6a5acc3f0ogp4&
client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3A
client-assertion-type%3Ajwt-bearer&
client_assertion=eyJhbGciOiJSUzI1NiIsImtpZCI6IjIyIn0.
eyJpc3Mi[...omitted for brevity...].
cC4hiUPo[...omitted for brevity...]
As far as I concerned I need RFC7523 implementation and GO implements it in oauth2. But there I found only how to use JWTs as Authorization Grants:
POST /token.oauth2 HTTP/1.1
Host: as.example.com
Content-Type: application/x-www-form-urlencoded
grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer
&assertion=eyJhbGciOiJFUzI1NiJ9.
eyJpc3Mi[...omitted for brevity...].
J9l-ZhwP[...omitted for brevity...]
So how I can use JWTs for Client Authentication in Go?
What RFC7523 define is a way to use JWT as client authentication or authorization grants. That mean if defines extension to,
Use a JWT to convey client authentication information to authorization server (OpenID Connect server if it supports this) in an access token request
Use JWT as authorization grants in access token request (compare this to authorization code in OAuth 2.0)
In both cases JWT is issued by some party trusted by token grant receiving authorization server.
Now, you do not necessary have to use a library to use this extension. As you question highlights, you have to create a PUT request from your GO client to authorization server.
But the tricky part is obtaining a valid JWT for this process. As I said, this JWT must be issued by a valid party. And your authorizatrion server should be configured to accept JWT.