Fixed IDP endpoint overrides not working correctly

2025-12-19 19:17:01 -07:00 · 2024-04-30 11:32:28 -06:00 · 2024-04-30 11:32:28 -06:00 · e940dc2dd9
commit e940dc2dd9
parent 67683e9fca
5 changed files with 29 additions and 18 deletions
--- a/internal/config.go
+++ b/internal/config.go
@ -2,6 +2,7 @@ package opaal

 import (
 	"davidallendj/opaal/internal/oauth"
+	"davidallendj/opaal/internal/oidc"
 	"log"
 	"os"
 	"path/filepath"
@ -72,11 +73,18 @@ type Config struct {
 }

 func NewConfig() Config {
-	return Config{
+	config := Config{
 		Version: goutil.GetCommit(),
 		Server: server.Server{
 			Host: "127.0.0.1",
 			Port: 3333,
+			Issuer: server.IdentityProviderServer{
+				Endpoints: oidc.Endpoints{
+					Authorization: "http://127.0.0.1/oauth/authorize",
+					Token:         "http://127.0.0.1/oauth/token",
+					JwksUri:       "http://127.0.0.1/.well-known/jwks.json",
+				},
+			},
 		},
 		Options: Options{
 			RunOnce:     true,
@ -99,6 +107,7 @@ func NewConfig() Config {
 			},
 		},
 	}
+	return config
 }

 func LoadConfig(path string) Config {
--- a/internal/new.go
+++ b/internal/new.go
@ -91,8 +91,9 @@ func NewServerWithConfig(conf *Config) *server.Server {
 		Host: host,
 		Port: port,
 		Issuer: server.IdentityProviderServer{
-			Host: conf.Server.Issuer.Host,
-			Port: conf.Server.Issuer.Port,
+			Host:      conf.Server.Issuer.Host,
+			Port:      conf.Server.Issuer.Port,
+			Endpoints: conf.Server.Issuer.Endpoints,
 		},
 	}
 	return server
--- a/internal/oidc/oidc.go
+++ b/internal/oidc/oidc.go
@ -171,18 +171,19 @@ func (p *IdentityProvider) UpdateEndpoints(other *IdentityProvider) {

 func UpdateEndpoints(eps *Endpoints, other *Endpoints) {
 	// only update endpoints that are not empty
-	var UpdateIf = func(ep *string, s string) {
+	var UpdateIfEmpty = func(ep *string, s string) {
 		if ep != nil {
-			if *ep != "" {
+			if *ep == "" {
 				*ep = s
+				fmt.Printf("updated %s\n", s)
 			}
 		}
 	}
-	UpdateIf(&eps.Config, other.Config)
-	UpdateIf(&eps.Authorization, other.Authorization)
-	UpdateIf(&eps.Token, other.Token)
-	UpdateIf(&eps.Revocation, other.Revocation)
-	UpdateIf(&eps.Introspection, other.Introspection)
-	UpdateIf(&eps.UserInfo, other.UserInfo)
-	UpdateIf(&eps.JwksUri, other.JwksUri)
+	UpdateIfEmpty(&eps.Config, other.Config)
+	UpdateIfEmpty(&eps.Authorization, other.Authorization)
+	UpdateIfEmpty(&eps.Token, other.Token)
+	UpdateIfEmpty(&eps.Revocation, other.Revocation)
+	UpdateIfEmpty(&eps.Introspection, other.Introspection)
+	UpdateIfEmpty(&eps.UserInfo, other.UserInfo)
+	UpdateIfEmpty(&eps.JwksUri, other.JwksUri)
 }
--- a/internal/server/idp.go
+++ b/internal/server/idp.go
@ -22,7 +22,7 @@ import (
 	"github.com/lestrrat-go/jwx/v2/jwt"
 )

-func (s *Server) StartIdentityProvider(eps oidc.Endpoints) error {
+func (s *Server) StartIdentityProvider() error {
 	// NOTE: this example does NOT implement CSRF tokens nor use them

 	// create an example identity provider
@ -44,7 +44,7 @@ func (s *Server) StartIdentityProvider(eps oidc.Endpoints) error {
 		Token:         "http://" + s.Addr + "/oauth/token",
 		JwksUri:       "http://" + s.Addr + "/.well-known/jwks.json",
 	}
-	oidc.UpdateEndpoints(&eps, &defaultEps)
+	oidc.UpdateEndpoints(&s.Issuer.Endpoints, &defaultEps)

 	// generate key pair used to sign JWKS and create JWTs
 	privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
@ -84,9 +84,9 @@ func (s *Server) StartIdentityProvider(eps oidc.Endpoints) error {
 		// create config JSON to serve with GET request
 		config := map[string]any{
 			"issuer":                 "http://" + s.Addr,
-			"authorization_endpoint": eps.Authorization,
-			"token_endpoint":         eps.Token,
-			"jwks_uri":               eps.JwksUri,
+			"authorization_endpoint": s.Issuer.Endpoints.Authorization,
+			"token_endpoint":         s.Issuer.Endpoints.Token,
+			"jwks_uri":               s.Issuer.Endpoints.JwksUri,
 			"scopes_supported": []string{
 				"openid",
 				"profile",