Fixed token fetch from IDP

Added response body print to debug ID token
Added verbose print to show ID and access tokens from IDP
2026-02-04 00:36:26 -07:00 · 2024-07-01 12:29:31 -06:00 · 2024-07-01 12:29:31 -06:00 · 2024-07-01 12:29:31 -06:00 · 2024-05-28 08:32:47 -06:00 · 2024-05-27 10:28:53 +02:00
2 changed files with 30 additions and 21 deletions
--- a/internal/oauth/authenticate.go
+++ b/internal/oauth/authenticate.go
@ -118,5 +118,5 @@ func (client *Client) FetchTokenFromAuthenticationServer(code string, state stri
 	fmt.Printf("%s\n", string(b))
 	defer res.Body.Close()
-	return io.ReadAll(res.Body)
+	return b, nil
 }
--- a/internal/server/server.go
+++ b/internal/server/server.go
@ -141,38 +141,47 @@ func (s *Server) StartLogin(clients []oauth.Client, params ServerParams) error {
 			p    = params.AuthProvider
 			jwks []byte
 		)
-		// try and get the JWKS from param first
+
-		if p.Endpoints.JwksUri != "" {
+		fetchAndMarshal := func() (err error) {
-			err := p.FetchJwks()
+			err = p.FetchJwks()
 			if err != nil {
-				fmt.Printf("failed to fetch keys using JWKS url...trying to fetch config and try again...\n")
+				fmt.Printf("failed to fetch keys: %v\n", err)
 				return
 			}
 			jwks, err = json.Marshal(p.KeySet)
 			if err != nil {
 				fmt.Printf("failed to marshal JWKS: %v\n", err)
 			}
 		} else if p.Endpoints.Config != "" && jwks == nil {
 			// otherwise, try and fetch the whole config and try again
 			err := p.FetchServerConfig()
 			if err != nil {
 				fmt.Printf("failed to fetch server config: %v\n", err)
 				http.Redirect(w, r, "/error", http.StatusInternalServerError)
 			return
 		}
-			err = p.FetchJwks()
+
-			if err != nil {
+		// try and get the JWKS from param first
-				fmt.Printf("failed to fetch JWKS after fetching server config: %v\n", err)
+		if p.Endpoints.JwksUri != "" {
-				http.Redirect(w, r, "/error", http.StatusInternalServerError)
+			if err := fetchAndMarshal(); err != nil {
 				w.Write(jwks)
 				return
 			}
 		}
-		// forward the JWKS from the authorization server
+		// otherwise or if fetching the JWKS failed, try and fetch the whole config first and try again
-		if jwks == nil {
+		if p.Endpoints.Config != "" {
-			fmt.Printf("no JWKS was fetched from authorization server\n")
+			if err := p.FetchServerConfig(); err != nil {
-			http.Redirect(w, r, "/error", http.StatusInternalServerError)
+				fmt.Printf("failed to fetch server config: %v\n", err)
 				http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
 				return
 			}
 		} else {
 			fmt.Printf("getting JWKS from param failed and endpoints config unavailable\n")
 			http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
 			return
 		}
 		if err := fetchAndMarshal(); err != nil {
 			fmt.Printf("failed to fetch and marshal JWKS after config update: %v\n", err)
 			http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
 			return
 		}
 		w.Write(jwks)
 	})
 	r.HandleFunc("/token", func(w http.ResponseWriter, r *http.Request) {
Author	SHA1	Message	Date
David Allen	e0a8d43421	Fixed token fetch from IDP	2024-07-01 12:29:31 -06:00
David Allen	a7e0e73e45	Added response body print to debug ID token	2024-07-01 12:29:31 -06:00
David Allen	8c01ba897f	Added verbose print to show ID and access tokens from IDP	2024-07-01 12:29:31 -06:00
David Allen	a0cca97e7d	Merge pull request #13 from opencube-horizon/bugfix/token-handler server: fix error reporting and logic for /keys handler	2024-05-28 08:32:47 -06:00
Tiziano Müller	b304361ce9	server: fix error reporting and logic for /keys handler restores proper error reporting to include the host dialed, and fixes the tautological comparison `jwks == nil` in the recovery path to properly refetch the server config and try again as intended	2024-05-27 10:28:53 +02:00