No call to /oidc/certs with custom http_options

Question

No call to /oidc/certs with custom http_options

tatiNo5 opened this issue 2 years ago · comments

Describe the bug
I'm setting the http client options and expect to see a request to /oidc/certs endpoint where the public keys of the oidc provider are taken from, which should be used for the id_token validation.

To Reproduce
Here is my code:

  const issuer = await Issuer.discover(ISSUER)

  const client = new issuer.Client({
    client_id: CLIENT_ID,
    client_secret: CLIENT_SECRET,
    redirect_uris: [REDIRECT_URL],
    response_types: ['code']
  })

  if (PROXY_HOST && PROXY_PORT && CA_CERT) {
    client[custom.http_options] = function (url, options) {
      console.log(url)
      const agent = tunnel.httpsOverHttp({
        ca: [fs.readFileSync(CA_CERT)],
        proxy: {
          host: PROXY_HOST,
          port: PROXY_PORT
        }
      })
      options.agent = agent
      return options
    }
  }

Expected behaviour
To see in the console log entries for the /oidc/certs endpoint as there are for /oidc/userinfo and /oidc/token.

Environment:

openid-client version: [e.g. v5.1.6]
node version: [e.g. v6.10.0]

Additional context
The issue is tested and reproduced with 3.2.3 and latest 5.1.6 versions.

the bug is happening on latest openid-client too.
i have searched the issues tracker on github for similar issues and couldn't find anything related.

Filip Skokan · Answer 1 · Tue May 31 2022 14:27:03 GMT+0800 (China Standard Time)

https://github.com/panva/node-openid-client/blob/main/docs/README.md#customizing-individual-http-requests

Those are made by the Issuer instance.

tatiNo5 · Answer 2 · Tue May 31 2022 21:17:18 GMT+0800 (China Standard Time)

Thank you, Filip. Make sense :)