diff --git a/lib/Mojolicious/Plugin/OAuth2.pm b/lib/Mojolicious/Plugin/OAuth2.pm
index db48ca0..6417c72 100644
--- a/lib/Mojolicious/Plugin/OAuth2.pm
+++ b/lib/Mojolicious/Plugin/OAuth2.pm
@@ -95,8 +95,8 @@ sub _auth_url {
$authorize_url = Mojo::URL->new($provider_args->{authorize_url});
$authorize_url->host($args->{host}) if exists $args->{host};
$authorize_url->query->append(client_id => $provider_args->{key}, redirect_uri => $args->{redirect_uri});
- $authorize_url->query->append(scope => $args->{scope}) if defined $args->{scope};
- $authorize_url->query->append(state => $args->{state}) if defined $args->{state};
+ $authorize_url->query->append(scope => $args->{scope}) if defined $args->{scope};
+ $authorize_url->query->append(state => $args->{state}) if defined $args->{state};
$authorize_url->query($args->{authorize_query}) if exists $args->{authorize_query};
$authorize_url;
}
@@ -219,7 +219,11 @@ sub _warmup_openid_provider_p {
my ($self, $app, $provider) = @_;
return $self->_ua->get_p($provider->{well_known_url})->then(sub {
- my $tx = shift;
+ my $tx = shift;
+ if (my $err = $tx->error) {
+ die $err->{message};
+ }
+
my $res = $tx->result->json;
$provider->{authorize_url} = $res->{authorization_endpoint};
$provider->{end_session_url} = $res->{end_session_endpoint};
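Review bot: After the new `$tx->error` check, the result of `$tx->result->json` is still used unchecked. As far as this hunk shows, a 2xx response whose body is not JSON, or is JSON without the expected keys, may leave `$provider->{authorize_url}` and `$provider->{end_session_url}` undefined without ever reaching the error path. These endpoints decide where users are sent to authenticate, so I would fail the warm-up explicitly right after the `json` call, e.g. `die 'Invalid OpenID configuration' unless ref $res eq 'HASH' and $res->{authorization_endpoint};`. `die $err->{message}` also drops `$err->{code}`, so the log and the callback cannot tell an HTTP 4xx/5xx from a connection failure. The `then` callback continues past the end of this hunk.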
@@ -236,6 +240,8 @@ sub _warmup_openid_provider_p {
})->catch(sub {
my $err = shift;
$app->log->error("[OAuth2] Failed to warm up $provider->{well_known_url}: $err");
+ my $cb = $provider->{warmup_error_callback};
+ $cb->($provider, $err) if $cb and ref($cb) eq 'CODE';
});
}
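Review bot: The user-supplied `warmup_error_callback` runs inside the `catch` handler with no protection, so an exception thrown by it rejects the promise returned here, and nothing visible in this hunk handles that. Wrapping the call keeps the failure logged, e.g. `eval { $cb->($provider, $err); 1 } or $app->log->error("[OAuth2] warmup_error_callback failed: $@");`. The callback is handed the whole `$provider` hash, which per the documentation example includes `secret`, so the POD should tell callback authors not to dump or log that hash. A non-CODE value is silently skipped by `ref($cb) eq 'CODE'`; validating the option when the plugin is registered would surface a misconfiguration earlier. The function starts outside this hunk.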
@@ -526,13 +532,17 @@ Here is an example to add adddition information like "key" and "secret":
For L, C and C are configured from the
C so these are replaced by the C key.
+To be able to handle errors during the fetch of the openid configuration via the well known URL you can
+specify a subroutine reference as a callback with the key C. It will get a reference
+to the provider hash and the error message as parameters.
$app->plugin(OAuth2 => {
providers => {
azure_ad => {
- key => 'APP_ID',
- secret => 'SECRET_KEY',
- well_known_url => 'https://login.microsoftonline.com/tenant-id/v2.0/.well-known/openid-configuration',
+ key => 'APP_ID',
+ secret => 'SECRET_KEY',
+ well_known_url => 'https://login.microsoftonline.com/tenant-id/v2.0/.well-known/openid-configuration',
+ warmup_error_callback => sub { my($provider, $error) = @_; warn $error; }
},
},
});
diff --git a/lib/Mojolicious/Plugin/OAuth2/Mock.pm b/lib/Mojolicious/Plugin/OAuth2/Mock.pm
index 4f71c38..cb0a258 100644
--- a/lib/Mojolicious/Plugin/OAuth2/Mock.pm
+++ b/lib/Mojolicious/Plugin/OAuth2/Mock.pm
@@ -149,8 +149,14 @@ sub _action_token_endpoint {
sub _action_well_known {
my ($self, $c) = @_;
my $provider = $self->provider;
- my $req_url = $c->req->url->to_abs;
- my $to_abs = sub { $req_url->path(Mojo::URL->new(shift)->path)->to_abs };
+
+ if ($provider->{key} eq 'invalid') {
+ $c->render(text => 'FAIL INVALID', status => 400);
+ return;
+ }
+
+ my $req_url = $c->req->url->to_abs;
+ my $to_abs = sub { $req_url->path(Mojo::URL->new(shift)->path)->to_abs };
$c->render(
template => 'oauth2/mock/configuration',
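Review bot: The magic key value `'invalid'` in `_action_well_known` is an undocumented test hook. A comment above the `if`, such as `# Test hook: a provider key of 'invalid' makes the discovery endpoint answer 400`, would explain why the mock rejects it. If the mocked provider can be configured without a key, `$provider->{key} eq 'invalid'` emits an uninitialized-value warning, which `($provider->{key} // '') eq 'invalid'` avoids. The `render` call continues past the end of this hunk.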
diff --git a/t/oidc-error.t b/t/oidc-error.t
new file mode 100644
index 0000000..7b73e6a
--- /dev/null
+++ b/t/oidc-error.t
@@ -0,0 +1,26 @@
+use Mojo::Base -strict;
+use Test::More;
+use Test::Mojo;
+use MIME::Base64 qw(encode_base64url);
+use Mojo::JSON qw(decode_json encode_json);
+use Mojo::URL;
+use Mojolicious::Plugin::OAuth2;
+
+plan skip_all => "Mojo::JWT, Crypt::OpenSSL::RSA and Crypt::OpenSSL::Bignum required for openid tests"
+ unless Mojolicious::Plugin::OAuth2::MOJO_JWT;
+
+use Mojolicious::Lite;
+
+my $error = '';
+
+plugin OAuth2 => {
+ mocked => {
+ key => 'invalid',
+ well_known_url => '/mocked/oauth2/.well-known/configuration',
+ warmup_error_callback => sub { $error = $_[1] },
+ }
+};
+
+like($error, qr/^Bad Request/, 'invalid key triggers callback');
+
+done_testing;
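Review bot: The test only checks the error message, so the first callback argument (the provider hash) described in the POD is never verified. Declaring `my $got;` next to `$error`, capturing both with `warmup_error_callback => sub { ($got, $error) = @_ }`, and adding `is $got->{key}, 'invalid', 'callback receives provider';` would cover it. `Test::Mojo`, `MIME::Base64`, `Mojo::JSON` and `Mojo::URL` are imported but unused in this file and can be dropped. The assertion runs directly after `plugin OAuth2 => {...}`, so it presumably relies on the warm-up completing during registration; a short comment saying so would help the next reader.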