Skip to content

Commit ab060e1

Browse files
committed
simplify path construction
1 parent 0b2c0b1 commit ab060e1

File tree

1 file changed

+38
-26
lines changed

1 file changed

+38
-26
lines changed

src/client/auth.ts

Lines changed: 38 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -671,42 +671,54 @@ export function buildDiscoveryUrls(authorizationServerUrl: string | URL): { url:
671671
const hasPath = url.pathname !== '/';
672672
const urlsToTry: { url: URL; type: 'oauth' | 'oidc' }[] = [];
673673

674-
// 1. OAuth metadata at the given URL
675-
urlsToTry.push({
676-
url: new URL(
677-
buildWellKnownPath('oauth-authorization-server', hasPath ? url.pathname : ''),
678-
url.origin
679-
),
680-
type: 'oauth'
681-
});
682674

683-
// 2. OAuth metadata at root (if URL has path)
684-
if (hasPath) {
675+
if (!hasPath) {
676+
// Root path: https://example.com/.well-known/oauth-authorization-server
685677
urlsToTry.push({
686-
url: new URL(buildWellKnownPath('oauth-authorization-server'), url.origin),
678+
url: new URL('/.well-known/oauth-authorization-server', url.origin),
687679
type: 'oauth'
688680
});
689-
}
690681

691-
// 3. OIDC metadata endpoints
692-
if (hasPath) {
693-
// RFC 8414 style: Insert /.well-known/openid-configuration before the path
694-
urlsToTry.push({
695-
url: new URL(buildWellKnownPath('openid-configuration', url.pathname), url.origin),
696-
type: 'oidc'
697-
});
698-
// OIDC Discovery 1.0 style: Append /.well-known/openid-configuration after the path
682+
// OIDC: https://example.com/.well-known/openid-configuration
699683
urlsToTry.push({
700-
url: new URL(buildWellKnownPath('openid-configuration', url.pathname, { prependPathname: true }), url.origin),
701-
type: 'oidc'
702-
});
703-
} else {
704-
urlsToTry.push({
705-
url: new URL(buildWellKnownPath('openid-configuration'), url.origin),
684+
url: new URL(`/.well-known/openid-configuration`, url.origin),
706685
type: 'oidc'
707686
});
687+
688+
return urlsToTry;
689+
}
690+
691+
// Strip trailing slash from pathname to avoid double slashes
692+
let pathname = url.pathname;
693+
if (pathname.endsWith('/')) {
694+
pathname = pathname.slice(0, -1);
708695
}
709696

697+
// 1. OAuth metadata at the given URL
698+
// Insert well-known before the path: https://example.com/.well-known/oauth-authorization-server/tenant1
699+
urlsToTry.push({
700+
url: new URL(`/.well-known/oauth-authorization-server${pathname}`, url.origin),
701+
type: 'oauth'
702+
});
703+
704+
// Root path: https://example.com/.well-known/oauth-authorization-server
705+
urlsToTry.push({
706+
url: new URL('/.well-known/oauth-authorization-server', url.origin),
707+
type: 'oauth'
708+
});
709+
710+
// 3. OIDC metadata endpoints
711+
// RFC 8414 style: Insert /.well-known/openid-configuration before the path
712+
urlsToTry.push({
713+
url: new URL(`/.well-known/openid-configuration${pathname}`, url.origin),
714+
type: 'oidc'
715+
});
716+
// OIDC Discovery 1.0 style: Append /.well-known/openid-configuration after the path
717+
urlsToTry.push({
718+
url: new URL(`${pathname}/.well-known/openid-configuration`, url.origin),
719+
type: 'oidc'
720+
});
721+
710722
return urlsToTry;
711723
}
712724

0 commit comments

Comments
 (0)