File tree Expand file tree Collapse file tree 1 file changed +9
-2
lines changed Expand file tree Collapse file tree 1 file changed +9
-2
lines changed Original file line number Diff line number Diff line change @@ -681,25 +681,32 @@ export function buildDiscoveryUrls(authorizationServerUrl: string | URL): { url:
681681 pathname = pathname . slice ( 0 , - 1 ) ;
682682 }
683683
684- // 1. OAuth metadata at the given URL
684+ // OAuth metadata at the given URL
685685 // Insert well-known before the path: https://example.com/.well-known/oauth-authorization-server/tenant1
686686 urlsToTry . push ( {
687687 url : new URL ( `/.well-known/oauth-authorization-server${ pathname } , url . origin ) ,
688688 type : 'oauth'
689689 } ) ;
690690
691+ // Some servers like Okta append the well-known after the path
692+ urlsToTry . push ( {
693+ url : new URL ( `${ pathname } , url . origin ) ,
694+ type : 'oauth'
695+ } ) ;
696+
691697 // Root path: https://example.com/.well-known/oauth-authorization-server
692698 urlsToTry . push ( {
693699 url : new URL ( '/.well-known/oauth-authorization-server' , url . origin ) ,
694700 type : 'oauth'
695701 } ) ;
696702
697- // 3. OIDC metadata endpoints
703+ // OIDC metadata endpoints
698704 // RFC 8414 style: Insert /.well-known/openid-configuration before the path
699705 urlsToTry . push ( {
700706 url : new URL ( `/.well-known/openid-configuration${ pathname } , url . origin ) ,
701707 type : 'oidc'
702708 } ) ;
709+
703710 // OIDC Discovery 1.0 style: Append /.well-known/openid-configuration after the path
704711 urlsToTry . push ( {
705712 url : new URL ( `${ pathname } , url . origin ) ,
You can’t perform that action at this time.
0 commit comments