Fixing introspect

philips-forks · Oct 2, 2023 · 91ddd6b · 91ddd6b
1 parent 05c8b59
commit 91ddd6b
Showing 1 changed file with 11 additions and 7 deletions.
diff --git a/providers/oidc.go b/providers/oidc.go
@@ -84,12 +84,9 @@ func (p *OIDCProvider) Redeem(ctx context.Context, redirectURL, code, codeVerifi
 // EnrichSession is called after Redeem to allow providers to enrich session fields
 // such as User, Email, Groups with provider specific API calls.
 func (p *OIDCProvider) EnrichSession(ctx context.Context, s *sessions.SessionState) error {
-	// ToDo: Vozniak - is this going to break something? tests are fine.
-	if p != nil && p.IntrospectURL != nil && p.IntrospectURL.String() != "" {
-		err := p.enrichFromIntrospectURL(ctx, s)
-		if err != nil {
-			logger.Errorf("Warning: Introspect URL request failed: %v", err)
-		}
+	err := p.enrichFromIntrospectURL(ctx, s)
+	if err != nil {
+		logger.Errorf("Warning: Introspect URL request failed: %v", err)
 	}
 
 	// If a mandatory email wasn't set, error at this point.
@@ -130,7 +127,14 @@ func (p *OIDCProvider) enrichFromIntrospectURL(ctx context.Context, s *sessions.
 	params.Add("token", s.AccessToken)
 	basicAuth := b64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("%s:%s", p.ClientID, clientSecret)))
 	logger.Printf("Requesting introspect")
-	result := requests.New( /* p.IntrospectURL.String() */ "https://iam-client-test.us-east.philips-healthsuite.com/authorize/oauth2/introspect").
+	if p.IntrospectURL == nil {
+		p.IntrospectURL = &url.URL{
+			Scheme: p.RedeemURL.Scheme,
+			Host:   p.RedeemURL.Host,
+			Path:   "/authorize/oauth2/introspect",
+		}
+	}
+	result := requests.New(p.IntrospectURL.String()).
 		WithContext(ctx).
 		WithMethod("POST").
 		WithBody(bytes.NewBufferString(params.Encode())).