Skip to content

Fix OIDC discovery to fallback on text/html responses #17927

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Fix OIDC discovery to fallback on text/html responses #17927

wants to merge 1 commit into from
+72 −0

Conversation

znight1020
Copy link

@znight1020 znight1020 commented Sep 17, 2025
edited
Loading

Summary

Some providers return 200 with text/html for /.well-known/openid-configuration. Previously, discovery stopped at the
first endpoint. This PR makes discovery continue to the next candidate so it can fall back to the OAuth 2.0 Authorization Server metadata endpoint.

Motivation

What Changed

  • oauth2/oauth2-client
    • ClientRegistrations#getBuilder: record UnknownContentTypeException
      and try the next discovery endpoint
  • Tests
    • issuerWhenOidcHtmlThenFallbackToOAuth2ThenSuccess
    • issuerWhenFirstEndpoint5xxThenThrowsIllegalArgumentException

Behavior

  • Before: Non-JSON at OIDC discovery → exception surfaced, no fallback.
  • After: Non-JSON at OIDC discovery → error recorded → try next endpoint →
    succeeds via OAuth 2.0 AS metadata when available.

Closes gh-17036

@znight1020
Fix OIDC discovery to fallback on text/html responses
f24c301 
Some providers return 200 OK with text/html for
/.well-known/openid-configuration.
Previously, discovery stopped at the first endpoint.

This commit records UnknownContentTypeException and moves to
the next candidate, enabling fallback to the OAuth 2.0 AS
metadata endpoint.

Closes spring-projectsgh-17036

Signed-off-by: 이현수 <znight1020@naver.com>
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Sep 17, 2025
@znight1020 znight1020 mentioned this pull request Sep 18, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
status: waiting-for-triage An issue we've not yet triaged
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Oauth2: Lookup from oauth2 well-known endpoint fails, if lookup of the oidc well-known endpoint errors
2 participants
@znight1020 @spring-projects-issues