func (op *OIDCProvider) FetchCustomProviderConfig(discoveryURL string) (*oidc.ProviderConfig, error) {
var customConfig OidcProviderConfiguration
// If discovery URL is empty, use the standard discovery URL
if discoveryURL == "" {
discoveryURL = strings.TrimSuffix(op.Issuer, "/") + discoveryConfigPath
}
base.LogTo("OIDC+", "Fetching custom provider config from %s", discoveryURL)
req, err := http.NewRequest("GET", discoveryURL, nil)
if err != nil {
base.LogTo("OIDC+", "Error building new request for URL %s: %v", discoveryURL, err)
return nil, err
}
resp, err := http.DefaultClient.Do(req)
if err != nil {
base.LogTo("OIDC+", "Error invoking calling discovery URL %s: %v", discoveryURL, err)
return nil, err
}
defer resp.Body.Close()
if err := json.NewDecoder(resp.Body).Decode(&customConfig); err != nil {
base.LogTo("OIDC+", "Error parsing body %s: %v", discoveryURL, err)
return nil, err
}
var oidcConfig oidc.ProviderConfig
oidcConfig, err = customConfig.AsProviderConfig()
if err != nil {
base.LogTo("OIDC+", "Error invoking calling discovery URL %s: %v", discoveryURL, err)
return nil, err
}
// Set expiry on config, if defined in response header
var ttl time.Duration
var ok bool
ttl, ok, err = phttp.Cacheable(resp.Header)
if err != nil {
return nil, err
} else if ok {
oidcConfig.ExpiresAt = time.Now().UTC().Add(ttl)
}
base.LogTo("OIDC+", "Returning config: %v", oidcConfig)
return &oidcConfig, nil
}
