From 3003d487fa28fd9a3d29c6c880d922b75c4c7e6e Mon Sep 17 00:00:00 2001
From: Nicola Murino <nicola.murino@gmail.com>
Date: Tue, 25 Apr 2023 09:32:43 +0200
Subject: [PATCH] limit the size of the logged response to 2048 bytes in error
 cases

Fixes #306
---
 oidc/oidc.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/oidc/oidc.go b/oidc/oidc.go
index 3026c77e..d86be693 100644
--- a/oidc/oidc.go
+++ b/oidc/oidc.go
@@ -216,7 +216,11 @@ func NewProvider(ctx context.Context, issuer string) (*Provider, error) {
 	}
 
 	if resp.StatusCode != http.StatusOK {
-		return nil, fmt.Errorf("%s: %s", resp.Status, body)
+		maxBodySize := len(body)
+		if maxBodySize > 2048 {
+			maxBodySize = 2048
+		}
+		return nil, fmt.Errorf("%s: %s", resp.Status, body[:maxBodySize])
 	}
 
 	var p providerJSON