From f5d097ac558cc937de22da5c1cdfd65f0b561d77 Mon Sep 17 00:00:00 2001
From: Lennart <18233294+lennart-k@users.noreply.github.com>
Date: Sun, 22 Jun 2025 23:55:57 +0200
Subject: [PATCH] oidc: Fix for OIDC servers not supporting RFC 9207

see #81
---
 crates/oidc/src/lib.rs | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/crates/oidc/src/lib.rs b/crates/oidc/src/lib.rs
index 8c04f3a..0868ade 100644
--- a/crates/oidc/src/lib.rs
+++ b/crates/oidc/src/lib.rs
@@ -138,7 +138,8 @@ pub async fn route_post_oidc(
 #[derive(Debug, Clone, Deserialize)]
 pub struct AuthCallbackQuery {
     code: AuthorizationCode,
-    iss: IssuerUrl,
+    // RFC 9207
+    iss: Option<IssuerUrl>,
     state: String,
 }
 
@@ -153,7 +154,9 @@ pub async fn route_get_oidc_callback<US: UserStore + Clone>(
 ) -> Result<Response, OidcError> {
     let callback_uri = format!("https://{host}/frontend/login/oidc/callback");
 
-    assert_eq!(iss, oidc_config.issuer);
+    if let Some(iss) = iss {
+        assert_eq!(iss, oidc_config.issuer);
+    }
     let oidc_state = session
         .remove::<OidcState>(SESSION_KEY_OIDC_STATE)
         .await?