cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: do not error when issuer discovery has no introspection endpoint

Browse source
This commit is contained in:
Hugo Hromic 2023-06-22 00:07:52 +01:00
parent 576bf5f0b5
commit 974bdcb0b3
No known key found for this signature in database
GPG key ID: 5CAFA8074D3F443B
1 changed files with 11 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

11
pkg/client/rs/resource_server.go
View file

@ -77,11 +77,15 @@ func newResourceServer(issuer string, authorizer func() (interface{}, error), op
if err != nil {
return nil, err
}
if rs.tokenURL == "" {
rs.tokenURL = config.TokenEndpoint
}
if rs.introspectURL == "" {
rs.introspectURL = config.IntrospectionEndpoint
}
if rs.introspectURL == "" || rs.tokenURL == "" {
return nil, errors.New("introspectURL and/or tokenURL is empty: please provide with either `WithStaticEndpoints` or a discovery url")
}
if rs.tokenURL == "" {
return nil, errors.New("tokenURL is empty: please provide with either `WithStaticEndpoints` or a discovery url")
}
rs.authFn = authorizer
return rs, nil
@ -113,6 +117,9 @@ func WithStaticEndpoints(tokenURL, introspectURL string) Option {
}
func Introspect(ctx context.Context, rp ResourceServer, token string) (*oidc.IntrospectionResponse, error) {
if rp.IntrospectionURL() == "" {
return nil, errors.New("resource server: introspection URL is empty")
}
authFn, err := rp.AuthFn()
if err != nil {
return nil, err