From 67b8d1668c03a43d3417f12067eabeebcefbffc9 Mon Sep 17 00:00:00 2001
From: kaiyou <pierre@jaury.eu>
Date: Thu, 2 Jul 2020 18:25:00 +0200
Subject: [PATCH] Expose the issuer uri

---
 hiboo/sso/oidc.py | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/hiboo/sso/oidc.py b/hiboo/sso/oidc.py
index b9aab89..eb14b5a 100644
--- a/hiboo/sso/oidc.py
+++ b/hiboo/sso/oidc.py
@@ -125,7 +125,7 @@ class Client(sqla_oauth2.OAuth2ClientMixin):
         service = self.service
         return {
             'key': service.config["jwt_key"], 'alg': service.config["jwt_alg"],
-            'iss': flask.url_for("sso.oidc_token", service_uuid=service.uuid, _external=True),
+            'iss': flask.url_for("sso.oidc_issuer", service_uuid=service.uuid, _external=True),
             'exp': 3600,
         }
 
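Review bot: The `iss` value on the changed line and the discovery `issuer` in the second hunk are built by two separate `flask.url_for("sso.oidc_issuer", ..., _external=True)` calls, yet relying parties compare the two as exact strings. Both follow the request's host and scheme unless the deployment pins them (for example with Flask's `SERVER_NAME`), which is not visible here, so it is worth confirming the issuer cannot vary with the Host header. Building the URL once in a small shared helper and using it in both places would keep the two values from drifting. Clients that validated tokens against the old token-endpoint URL as issuer will reject newly issued tokens until reconfigured, which deserves a line in the commit message. The enclosing method starts outside the hunk.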
@@ -178,7 +178,7 @@ class Client(sqla_oauth2.OAuth2ClientMixin):
         """
         uuid = self.service.uuid
         return flask.jsonify({
-            "issuer": flask.url_for("sso.oidc_token", service_uuid=uuid, _external=True),
+            "issuer": flask.url_for("sso.oidc_issuer", service_uuid=uuid, _external=True),
             "authorization_endpoint": flask.url_for("sso.oidc_authorize", service_uuid=uuid, _external=True),
             "token_endpoint": flask.url_for("sso.oidc_token", service_uuid=uuid, _external=True),
             "userinfo_endpoint": flask.url_for("sso.oidc_userinfo", service_uuid=uuid, _external=True),
@@ -193,6 +193,11 @@ class Client(sqla_oauth2.OAuth2ClientMixin):
         return flask.jsonify({"keys": [self.service.config["jwt_public_key"]]})
 
 
+@blueprint.route("/oidc/<service_uuid>")
+def oidc_issuer(service_uuid):
+    return flask.redirect(".oidc_discovery", service_uuid)
+
+
 @blueprint.route("/oidc/authorize/<service_uuid>", methods=["GET", "POST"])
 @blueprint.route("/oidc/<service_uuid>/authorize", methods=["GET", "POST"])
 @security.authentication_required()
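Review bot: `flask.redirect(".oidc_discovery", service_uuid)` in the new `oidc_issuer` view passes the endpoint name as the literal Location and the UUID as the status-code argument, because `flask.redirect` takes `(location, code)` and does not resolve endpoint names. As written, the issuer URL would not lead to the discovery document; the line should read `return flask.redirect(flask.url_for(".oidc_discovery", service_uuid=service_uuid))`. The `.oidc_discovery` endpoint is defined outside this hunk, so its parameter name is assumed to match. OpenID Connect Discovery expects the metadata at `<issuer>/.well-known/openid-configuration`, so it is also worth checking that this path is routed under the new issuer URL.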
-- 
GitLab