in lib/auth/AuthOauth2.cc [210:276]
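/**
 * Fetch the issuer's OpenID Connect discovery document and store its
 * "token_endpoint" value in tokenEndPoint_.
 *
 * The function reports every failure through the log and returns without
 * throwing; tokenEndPoint_ is left untouched in that case. It returns
 * silently (no log line) when keyFile_ is not valid.
 */
void ClientCredentialFlow::initialize() {
    if (issuerUrl_.empty()) {
        LOG_ERROR("Failed to initialize ClientCredentialFlow: issuer_url is not set");
        return;
    }
    if (!keyFile_.isValid()) {
        return;
    }

    // Build the well-known endpoint URL, avoiding a double slash when the
    // issuer URL already ends with one. back() is safe: emptiness was checked above.
    std::string wellKnownUrl = issuerUrl_;
    if (wellKnownUrl.back() == '/') {
        wellKnownUrl.pop_back();
    }
    wellKnownUrl.append("/.well-known/openid-configuration");

    CurlWrapper curl;
    if (!curl.init()) {
        LOG_ERROR("Failed to initialize curl");
        return;
    }

    // A TLS context is only created when a trust-certificate path is configured.
    // NOTE(review): with no path set a null context is passed, so certificate
    // verification then depends on CurlWrapper's defaults - confirm they verify the peer.
    std::unique_ptr<CurlWrapper::TlsContext> tlsContext;
    if (!tlsTrustCertsFilePath_.empty()) {
        tlsContext.reset(new CurlWrapper::TlsContext);
        tlsContext->trustCertsFilePath = tlsTrustCertsFilePath_;
    }

    auto result = curl.get(wellKnownUrl, "Accept: application/json", {}, tlsContext.get());
    if (!result.error.empty()) {
        LOG_ERROR("Failed to get the well-known configuration " << issuerUrl_ << ": " << result.error);
        return;
    }

    const auto res = result.code;
    const auto response_code = result.responseCode;
    const auto& responseData = result.responseData;
    const auto& errorBuffer = result.serverError;

    switch (res) {
        case CURLE_OK:
            LOG_DEBUG("Received well-known configuration data " << issuerUrl_ << " code " << response_code);
            if (response_code == 200) {
                boost::property_tree::ptree root;
                std::stringstream stream;
                stream << responseData;
                try {
                    boost::property_tree::read_json(stream, root);
                } catch (const boost::property_tree::json_parser_error& e) {
                    // NOTE(review): the whole response body is written to the log here;
                    // its size and content are controlled by the remote server.
                    LOG_ERROR("Failed to parse well-known configuration data response: "
                              << e.what() << "\nInput Json = " << responseData);
                    break;
                }

                // The document is remote input: a missing "token_endpoint" must not
                // escape as an uncaught ptree_bad_path, so look it up without throwing.
                const auto tokenEndPoint = root.get_optional<std::string>("token_endpoint");
                if (!tokenEndPoint) {
                    LOG_ERROR("Failed to get token_endpoint from the well-known configuration "
                              << issuerUrl_);
                    break;
                }

                // NOTE(review): the endpoint is accepted as returned. Presumably the
                // client credentials are later sent to it - consider checking its scheme
                // and that the document's "issuer" equals issuerUrl_, as OIDC Discovery
                // requires, before trusting it.
                this->tokenEndPoint_ = *tokenEndPoint;
                LOG_DEBUG("Get token endpoint: " << this->tokenEndPoint_);
            } else {
                LOG_ERROR("Response failed for getting the well-known configuration "
                          << issuerUrl_ << ". response Code " << response_code);
            }
            break;
        default:
            LOG_ERROR("Response failed for getting the well-known configuration "
                      << issuerUrl_ << ". Error Code " << res << ": " << errorBuffer);
            break;
    }
}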