okta / okta-jwt-verifier-golang

https://github.com/okta/okta-jwt-verifier-golang
Apache License 2.0

The `fetchMetaData` does not return err even when the server returns Not Found #84

Closed HoodChuang closed 2 years ago

HoodChuang commented 2 years ago

In the following method, when the URL is wrong and the server returns 404, the err is nil; this causes the next step, where we get the URLs from the metadata, to fail with not found.

Though the Okta server handles a case like this well:

curl https://hood.okta.com/oauth2/default/.well-known/////openid-configuration

Other services that follow the OpenID protocol may not. For example, Keycloak does not:

curl https://sso.it.robinhood.net/auth/realms/gsuite//.well-known/openid-configuration
{"error":"RESTEASY003210: Could not find resource for full path: https://sso.it.robinhood.net/auth/realms/gsuite//.well-known/openid-configuration"}

Can we check the response status code, and err out earlier? Thanks.

The `fetchMetaData` for reference:

```go
package main

import (
    "encoding/json"
    "fmt"
    "net/http"
)

// fetchMetaData as it stood before the fix: the HTTP status code is never
// inspected, so a 404 whose body happens to be JSON decodes without error.
func fetchMetaData(url string) (interface{}, error) {
    resp, err := http.Get(url)
    if err != nil {
        return nil, fmt.Errorf("request for metadata was not successful: %w", err)
    }
    defer resp.Body.Close()

    metadata := make(map[string]interface{})
    if err := json.NewDecoder(resp.Body).Decode(&metadata); err != nil {
        return nil, err
    }
    return metadata, nil
}
```

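The status-code check the issue asks for, as an added example that is not the library's own code: `fetchMetaDataChecked` is a hardened variant of `fetchMetaData`, and `newFakeIssuer` is a constructed stand-in for a provider that answers a mis-formed discovery path with a Keycloak-style JSON 404 body. Both names and the sample metadata values are assumptions made for this example.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// fetchMetaDataChecked is the hardened variant of fetchMetaData: it rejects
// any non-200 response before decoding, so a JSON error body (as Keycloak
// sends for a bad path) or an HTML error page cannot pass as metadata.
func fetchMetaDataChecked(url string) (map[string]interface{}, error) {
	resp, err := http.Get(url)
	if err != nil {
		return nil, fmt.Errorf("request for metadata was not successful: %w", err)
	}
	defer resp.Body.Close()

	if resp.StatusCode != http.StatusOK {
		return nil, fmt.Errorf("metadata request to %s returned status %d", url, resp.StatusCode)
	}
	metadata := make(map[string]interface{})
	if err := json.NewDecoder(resp.Body).Decode(&metadata); err != nil {
		return nil, fmt.Errorf("metadata response was not valid JSON: %w", err)
	}
	return metadata, nil
}

// newFakeIssuer is a constructed stand-in for an OpenID provider: the exact
// discovery path returns minimal metadata; any other path (for example one
// with a doubled slash) gets a 404 with a Keycloak-style JSON error body.
func newFakeIssuer() *httptest.Server {
	return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Content-Type", "application/json")
		if r.URL.Path != "/.well-known/openid-configuration" {
			w.WriteHeader(http.StatusNotFound)
			fmt.Fprintf(w, `{"error":"Could not find resource for full path: %s"}`, r.URL.Path)
			return
		}
		fmt.Fprint(w, `{"issuer":"http://issuer.example","jwks_uri":"http://issuer.example/keys"}`)
	}))
}

func main() {
	srv := newFakeIssuer()
	defer srv.Close()
	_, err := fetchMetaDataChecked(srv.URL + "/realms/x//.well-known/openid-configuration")
	fmt.Println("doubled slash:", err) // non-nil: the 404 is rejected before decoding
}
```

Because the fake issuer's 404 body is valid JSON, the original `fetchMetaData` would decode it and return a nil error; the checked variant surfaces the failure at the discovery step instead.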
arvindkrishnakumar-okta commented 2 years ago

@HoodChuang Thanks for the post!

Someone from our team will review and follow up on this soon.

cc: @monde

monde commented 2 years ago

I will look into this @HoodChuang, thank you for highlighting the code exactly where the problem lies.

monde commented 2 years ago

Thanks @HoodChuang, released as v1.3.1

HoodChuang commented 2 years ago

Thank you very much @monde