Andrew commited on
Commit ·
42daa47
1
Parent(s): 2829807
Add OIDC issuer discovery retry with caching
- src/lib/server/auth.ts +22 -1
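--- a/src/lib/server/auth.ts
+++ b/src/lib/server/auth.ts
@@ -122,8 +122,29 @@ export async function generateCsrfToken(sessionId: string, redirectUrl: string):
 ).toString("base64");
 }
 
+let cachedIssuer: Issuer | undefined;
+
+async function discoverIssuerWithRetry(providerUrl: string, retries = 3): Promise<Issuer> {
+if (cachedIssuer) return cachedIssuer;
+
+for (let attempt = 1; attempt <= retries; attempt++) {
+try {
+cachedIssuer = await Issuer.discover(providerUrl);
+return cachedIssuer;
+} catch (err) {
+logger.warn(
+{ attempt, retries, code: (err as NodeJS.ErrnoException).code },
+"OIDC issuer discovery failed, retrying…"
+);
+if (attempt === retries) throw err;
+await new Promise((r) => setTimeout(r, 1000 * attempt));
+}
+}
+throw new Error("Unreachable");
+}
+
 async function getOIDCClient(settings: OIDCSettings): Promise<BaseClient> {
-const issuer = await
+const issuer = await discoverIssuerWithRetry(OIDConfig.PROVIDER_URL);
 
 const client_config: ConstructorParameters<typeof issuer.Client>[0] = {
 client_id: OIDConfig.CLIENT_ID,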
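Review bot: The cache check `if (cachedIssuer) return cachedIssuer;` at the top of `discoverIssuerWithRetry` ignores `providerUrl`, so a later call with a different URL would silently receive the first provider's issuer metadata, and the entry is never refreshed for the life of the process. Only one call site is visible here (`OIDConfig.PROVIDER_URL`), so this is latent, but on an authentication path I would key the cache by URL, e.g. `const issuerCache = new Map<string, Issuer>();` with `const hit = issuerCache.get(providerUrl); if (hit) return hit;`, and consider an expiry so changed provider metadata is picked up without a restart. The warning logs only `code`, which is presumably undefined for non-errno failures such as an HTTP or metadata-validation error, and it says "retrying…" even on the final attempt; logging `err` itself would make a failed discovery easier to triage. `getOIDCClient` continues past the end of the hunk.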