luoluoyuyu commented on code in PR #10653:
URL: https://github.com/apache/apisix/pull/10653#discussion_r1433424403
##########
apisix/plugins/openid-connect.lua:
##########
@@ -440,15 +440,30 @@ function _M.rewrite(plugin_conf, ctx)
conf.timeout = conf.timeout * 1000
end
+ local path = ctx.var.request_uri
+
if not conf.redirect_uri then
- conf.redirect_uri = ctx.var.request_uri
+ conf.redirect_uri = path
end
if not conf.ssl_verify then
-- openidc use "no" to disable ssl verification
conf.ssl_verify = "no"
end
+ if path == (conf.logout_path or "/logout") then
+ local discovery, discovery_err =openidc.get_discovery_doc(conf)
+ if discovery_err then
+ core.log.error("OIDC access discovery url failed : ",
discovery_err)
+ return 500
Review Comment:
The reason for return 500 is the same as the reason for returning 500 in
this step.
https://github.com/apache/apisix/blob/master/apisix/plugins/openid-connect.lua#L507-L518。
The `openidc.authenticate` and `get_discovery_doc` functions both get
discovered metadata via
openidc_ensure_discovered_data.https://github.com/zmartzone/lua-resty-openidc/blob/master/lib/resty/openidc.lua#L580
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
