From 313b905edc5fb82b56f0aecde376b7468416e117 Mon Sep 17 00:00:00 2001
From: Jonni Liljamo <jonni@liljamo.com>
Date: Fri, 6 Oct 2023 14:36:14 +0300
Subject: [PATCH] feat: oidc option for issuer trailing slash

---
 auth/oidc.go     | 9 ++++++++-
 config/config.go | 8 +++++---
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/auth/oidc.go b/auth/oidc.go
index 07e3321..30e6c5b 100644
--- a/auth/oidc.go
+++ b/auth/oidc.go
@@ -16,7 +16,14 @@ import (
 )
 
 func NewProviderAndConfig() (*oidc.Provider, oauth2.Config, error) {
-	provider, err := oidc.NewProvider(context.Background(), "https://" + config.TixeConfig.OidcDomain)
+	var providerUrl string
+	if config.TixeConfig.OidcIssuerTrailingSlash {
+		providerUrl = "https://" + config.TixeConfig.OidcDomain + "/"
+	} else {
+		providerUrl = "https://" + config.TixeConfig.OidcDomain
+	}
+
+	provider, err := oidc.NewProvider(context.Background(), providerUrl)
 	if err != nil {
 		log.Printf("[tixe/auth] Failed to create new custom provider")
 		return nil, oauth2.Config{}, err
diff --git a/config/config.go b/config/config.go
index e43aa09..590eecb 100644
--- a/config/config.go
+++ b/config/config.go
@@ -29,9 +29,10 @@ type Config struct {
 
 	CookieSecret string
 
-	OidcDomain   string
-	OidcClientID string
-	OidcSecret   string
+	OidcDomain              string
+	OidcIssuerTrailingSlash bool
+	OidcClientID            string
+	OidcSecret              string
 	// What is written on the login button
 	OidcLoginVisual string
 }
@@ -52,6 +53,7 @@ func ParseConfig() {
 		CookieSecret: util.LoadVar("TIXE_COOKIE_SECRET", ""),
 
 		OidcDomain: util.LoadVar("TIXE_OIDC_DOMAIN", ""),
+		OidcIssuerTrailingSlash: util.LoadVarBool("TIXE_OIDC_ISSUER_TRAILING_SLASH", false),
 		OidcClientID: util.LoadVar("TIXE_OIDC_CLIENTID", ""),
 		OidcSecret: util.LoadVar("TIXE_OIDC_SECRET", ""),
 
-- 
2.44.1