Merge pull request #402 from joriszwart/patch-1

[oidc] error on unsuccessful Discovery URL
markbates · Sep 2, 2022 · 3d66163 · 3d66163
2 parents b4c79e7 + e116a14
commit 3d66163
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/providers/openidConnect/openidConnect.go b/providers/openidConnect/openidConnect.go
@@ -79,7 +79,7 @@ type OpenIDConfig struct {
 	// If OpenID discovery is enabled, the end_session_endpoint field can optionally be provided
 	// in the discovery endpoint response according to OpenID spec. See:
 	// https://openid.net/specs/openid-connect-session-1_0-17.html#OPMetadata
-	EndSessionEndpoint string `json:"end_session_endpoint, omitempty"`
+	EndSessionEndpoint string `json:"end_session_endpoint,omitempty"`
 	Issuer             string `json:"issuer"`
 }
 
@@ -374,6 +374,10 @@ func getOpenIDConfig(p *Provider, openIDAutoDiscoveryURL string) (*OpenIDConfig,
 	}
 	defer res.Body.Close()
 
+	if res.StatusCode < 200 || res.StatusCode >= 300 {
+		return nil, fmt.Errorf("Non-success code for Discovery URL: %d", res.StatusCode)
+	}
+
 	body, err := ioutil.ReadAll(res.Body)
 	if err != nil {
 		return nil, err