Skip to content
This repository has been archived by the owner on Sep 5, 2022. It is now read-only.

Commit

Permalink
Skip iss verification in Provider
Browse files Browse the repository at this point in the history
  • Loading branch information
@pjediny
pjediny committed Feb 17, 2020
1 parent 8d77155 commit 93b1720
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions oidc.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -110,7 +110,7 @@ var supportedAlgorithms = map[string]bool{
//
// The issuer is the URL identifier for the service. For example: "https://accounts.google.com"
// or "https://login.salesforce.com".
func NewProvider(ctx context.Context, issuer string) (*Provider, error) {
func NewProvider(ctx context.Context, issuer string, issDontVerify bool) (*Provider, error) {
wellKnown := strings.TrimSuffix(issuer, "/") + "/.well-known/openid-configuration"
req, err := http.NewRequest("GET", wellKnown, nil)
if err != nil {
Expand All @@ -137,7 +137,7 @@ func NewProvider(ctx context.Context, issuer string) (*Provider, error) {
return nil, fmt.Errorf("oidc: failed to decode provider discovery object: %v", err)
}

if p.Issuer != issuer {
if !issDontVerify && p.Issuer != issuer {
return nil, fmt.Errorf("oidc: issuer did not match the issuer returned by provider, expected %q got %q", issuer, p.Issuer)
}
var algs []string
Expand Down

0 comments on commit 93b1720

Please sign in to comment.