Skip to content

Commit

Permalink
fix: Ensure the SSO http client takes into consideration http proxies,
Browse files Browse the repository at this point in the history 
…Fixes #9259 (#10046)
  • Loading branch information
@sarahhenkens
sarahhenkens authored Nov 30, 2022
1 parent 51625c2 commit c731007
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion server/auth/sso/sso.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,7 @@ func newSso(
return nil, err
}
// Create http client with TLSConfig to allow skipping of CA validation if InsecureSkipVerify is set.
httpClient := &http.Client{Transport: &http.Transport{TLSClientConfig: &tls.Config{InsecureSkipVerify: c.InsecureSkipVerify}}}
httpClient := &http.Client{Transport: &http.Transport{TLSClientConfig: &tls.Config{InsecureSkipVerify: c.InsecureSkipVerify}, Proxy: http.ProxyFromEnvironment}}
oidcContext := oidc.ClientContext(ctx, httpClient)
// Some offspec providers like Azure, Oracle IDCS have oidc discovery url different from issuer url which causes issuerValidation to fail
// This providerCtx will allow the Verifier to succeed if the alternate/alias URL is in the config
Expand Down

0 comments on commit c731007

Please sign in to comment.