Closed pinpox closed 6 days ago
Using the example I get a panic from the openID connect provider:
2024/04/23 16:12:36 listening on localhost:3000 2024/04/23 16:12:46 http: panic serving [::1]:54814: interface conversion: interface {} is nil, not string goroutine 23 [running]: net/http.(*conn).serve.func1() /nix/store/mzg3cka0bbr5jq96ysymwziw74fnk22m-go-1.22.1/share/go/src/net/http/server.go:1898 +0xbe panic({0x8d0540?, 0xc0004223c0?}) /nix/store/mzg3cka0bbr5jq96ysymwziw74fnk22m-go-1.22.1/share/go/src/runtime/panic.go:770 +0x132 github.com/markbates/goth/providers/openidConnect.(*Session).Authorize(0xc00038c4e0, {0xa247e0?, 0xc000182ea0}, {0xa1cf60, 0xc0002c45a0}) /home/pinpox/.go/pkg/mod/github.com/markbates/goth@v1.79.0/providers/openidConnect/session.go:60 +0x4d0 github.com/markbates/goth/gothic.init.func3({_, _}, _) /home/pinpox/.go/pkg/mod/github.com/markbates/goth@v1.79.0/gothic/gothic.go:204 +0x3e9 main.main.func1({0xa1f680, 0xc00038e000}, 0xffffffffffffffff?) /home/pinpox/code/github.com/pinpox/oidc-htmx-template/main.go:289 +0x5f net/http.HandlerFunc.ServeHTTP(0xc0001826c0?, {0xa1f680?, 0xc00038e000?}, 0xc000100808?) /nix/store/mzg3cka0bbr5jq96ysymwziw74fnk22m-go-1.22.1/share/go/src/net/http/server.go:2166 +0x29 github.com/gorilla/pat.(*Router).ServeHTTP(0xc000308780, {0xa1f680, 0xc00038e000}, 0xc0001826c0) /home/pinpox/.go/pkg/mod/github.com/gorilla/pat@v1.0.2/pat.go:92 +0x28e net/http.serverHandler.ServeHTTP({0xc000276ab0?}, {0xa1f680?, 0xc00038e000?}, 0x6?) /nix/store/mzg3cka0bbr5jq96ysymwziw74fnk22m-go-1.22.1/share/go/src/net/http/server.go:3137 +0x8e net/http.(*conn).serve(0xc00026e510, {0xa20b28, 0xc0002769c0}) /nix/store/mzg3cka0bbr5jq96ysymwziw74fnk22m-go-1.22.1/share/go/src/net/http/server.go:2039 +0x5e8 created by net/http.(*Server).Serve in goroutine 1 /nix/store/mzg3cka0bbr5jq96ysymwziw74fnk22m-go-1.22.1/share/go/src/net/http/server.go:3285 +0x4b4
I'm have set the OPENID_CONNECT_KEY, OPENID_CONNECT_SECRET and OPENID_CONNECT_DISCOVERY_URL to appropiate values. The discovery url returns this json:
OPENID_CONNECT_KEY
OPENID_CONNECT_SECRET
OPENID_CONNECT_DISCOVERY_URL
{ "issuer": "https://git.0cx.de/", "authorization_endpoint": "https://git.0cx.de/login/oauth/authorize", "token_endpoint": "https://git.0cx.de/login/oauth/access_token", "jwks_uri": "https://git.0cx.de/login/oauth/keys", "userinfo_endpoint": "https://git.0cx.de/login/oauth/userinfo", "introspection_endpoint": "https://git.0cx.de/login/oauth/introspect", "response_types_supported": [ "code", "id_token" ], "id_token_signing_alg_values_supported": [ "RS256" ], "subject_types_supported": [ "public" ], "scopes_supported": [ "openid", "profile", "email", "groups" ], "claims_supported": [ "aud", "exp", "iat", "iss", "sub", "name", "preferred_username", "profile", "picture", "website", "locale", "updated_at", "email", "email_verified", "groups" ], "code_challenge_methods_supported": [ "plain", "S256" ], "grant_types_supported": [ "authorization_code", "refresh_token" ] }
Looking at the code, the panic seems to come from this cast: https://github.com/markbates/goth/blob/f4685f5f6edf65de920b6c6c03fc1ffabcb88e68/providers/openidConnect/session.go#L60
Let me know if I'm doing anything wrong, this is a bug or you need any additional information for debugging
Using the example I get a panic from the openID connect provider:
I'm have set the
OPENID_CONNECT_KEY
,OPENID_CONNECT_SECRET
andOPENID_CONNECT_DISCOVERY_URL
to appropiate values. The discovery url returns this json:Looking at the code, the panic seems to come from this cast: https://github.com/markbates/goth/blob/f4685f5f6edf65de920b6c6c03fc1ffabcb88e68/providers/openidConnect/session.go#L60
Let me know if I'm doing anything wrong, this is a bug or you need any additional information for debugging