till/managarten
1
0
Fork 0
mirror of https://github.com/Memo-2023/mana-monorepo.git synced 2026-05-14 20:01:09 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

fix(auth): correct JWKS route mapping for OIDC

Browse source 
JWKS is at /api/auth/jwks, not /api/auth/oauth2/jwks.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Till-JS 2026-01-28 17:13:28 +01:00
parent f6382ead87
commit bea066c7f8
1 changed files with 5 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
services/mana-core-auth/src/auth/services/better-auth.service.ts
View file

@ -1201,7 +1201,7 @@ export class BetterAuthService {
* - /api/oidc/authorize /api/auth/oauth2/authorize
* - /api/oidc/token /api/auth/oauth2/token
* - /api/oidc/userinfo /api/auth/oauth2/userinfo
* - /api/oidc/jwks /api/auth/oauth2/jwks
* - /api/oidc/jwks /api/auth/jwks (JWKS is at basePath, not oauth2)
*
* @param req - Express request
* @returns Response data from Better Auth
@ -1220,6 +1220,10 @@ export class BetterAuthService {
if (mappedPath.startsWith('/.well-known/')) {
mappedPath = `/api/auth${mappedPath}`;
}
// Map /api/oidc/jwks to /api/auth/jwks (JWKS is not under oauth2)
else if (mappedPath.startsWith('/api/oidc/jwks')) {
mappedPath = mappedPath.replace('/api/oidc/jwks', '/api/auth/jwks');
}
// Map /api/oidc/* to /api/auth/oauth2/*
else if (mappedPath.startsWith('/api/oidc/')) {
mappedPath = mappedPath.replace('/api/oidc/', '/api/auth/oauth2/');