related to openziti/ziti#2282 totp OIDC flow fixes

openziti · Aug 1, 2024 · 0a91679 · 0a91679
1 parent f853cab
commit 0a91679
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/edge-apis/authwrapper.go b/edge-apis/authwrapper.go
@@ -735,7 +735,7 @@ func oidcAuth(clientTransportPool ClientTransportPool, credentials Credentials,
 			return nil, fmt.Errorf("remote op login response is expected to be HTTP status %d got %d with body: %s", http.StatusOK, resp.StatusCode(), resp.Body())
 		}
 
-		authRequestId := resp.Header().Get(AuthRequestIdHeader)
+		authRequestId := payload.AuthRequestId
 		totpRequiredHeader := resp.Header().Get(TotpRequiredHeader)
 		totpRequired := totpRequiredHeader != ""
 		totpCode := ""
@@ -775,11 +775,14 @@ func oidcAuth(clientTransportPool ClientTransportPool, credentials Credentials,
 				}
 
 				return nil, apiErr
-
 			}
 		}
 
-		tokens := <-rpServer.TokenChan
+		var tokens *oidc.Tokens[*oidc.IDTokenClaims]
+		select {
+		case tokens = <-rpServer.TokenChan:
+		case <-time.After(30 * time.Minute):
+		}
 
 		if tokens == nil {
 			return nil, errors.New("authentication did not complete, received nil tokens")