diff --git a/docker/idhub.entrypoint.sh b/docker/idhub.entrypoint.sh
index 13dc694..63de887 100755
--- a/docker/idhub.entrypoint.sh
+++ b/docker/idhub.entrypoint.sh
@@ -20,7 +20,7 @@ config_oidc4vp() {
 R_URI_CLEAN="${RESPONSE_URI%/}" && R_URI_CLEAN="${R_URI_CLEAN#http*://}"
 local file="$(echo ${R_URI_CLEAN} | sed 's!/!__!g')"
 data="$(_get)"
- echo "${data}" | jq --arg uri "${R_URI_CLEAN}" '{ ($uri): .}' > /sharedsecret/${file}
+ echo "${data}" | jq --arg uri "${RESPONSE_URI}" '{ ($uri): .}' > /sharedsecret/${file}
 echo wait the other idhubs to write, this is the only oportunity to sync with other idhubs in the docker compose
 sleep 2
@@ -28,13 +28,15 @@ config_oidc4vp() {
 for host in /sharedsecret/*; do
 # we are flexible on querying for RESPONSE_URI: the first one based on regex
 target_uri="$(cat "${host}" | jq -r 'keys[0]')"
- filtered_data="$(cat "${host}" | jq --arg uri "${target_uri}" 'first(.[][] | select(.response_uri | test ($uri)))')"
- client_id="$(echo "${filtered_data}" | jq -r '.client_id')"
- client_secret="$(echo "${filtered_data}" | jq -r '.client_secret')"
- response_uri="$(echo "${filtered_data}" | jq -r '.response_uri')"
+ if [ "${target_uri}" != "${RESPONSE_URI}" ]; then
+ filtered_data="$(cat "${host}" | jq --arg uri "${RESPONSE_URI}" 'first(.[][] | select(.response_uri | test ($uri)))')"
+ client_id="$(echo "${filtered_data}" | jq -r '.client_id')"
+ client_secret="$(echo "${filtered_data}" | jq -r '.client_secret')"
+ response_uri="$(echo "${filtered_data}" | jq -r '.response_uri')"
- _set my_client_id ${client_id} ${response_uri}
- _set my_client_secret ${client_secret} ${response_uri}
+ _set my_client_id ${client_id} ${target_uri}
+ _set my_client_secret ${client_secret} ${target_uri}
+ fi
 done
 }
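Review bot: The changed line in the first hunk publishes `${data}` to `/sharedsecret/${file}` through an unquoted redirect and with whatever umask the entrypoint inherited, although the loop in the second hunk shows these files carry `client_secret` values. Quote the target and restrict the mode, for example `( umask 077; echo "${data}" | jq --arg uri "${RESPONSE_URI}" '{ ($uri): .}' > "/sharedsecret/${file}" )`, assuming the peer containers read the volume as the same user. The redirect also truncates the file before `jq` has produced anything, so a failed `_get` or `jq` leaves an empty file that the peers parse after `sleep 2`; checking the pipeline status before the file becomes visible would avoid that. config_oidc4vp starts above the hunk.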
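Review bot: In the second hunk the new `select(.response_uri | test ($uri))` treats `RESPONSE_URI` as an unanchored regular expression, so its dots match any character and a URI that is a prefix of another also matches; the credentials stored for `target_uri` can then come from the wrong entry. Nothing checks that a match was found either: when `filtered_data` is empty, the unquoted `${client_id}` vanishes from the `_set` call and `${target_uri}` moves into the value position (what `_set` does with that is outside the hunk). The lines below compare literally while tolerating a trailing slash, skip peers that have no entry, quote the arguments and drop the now-unused `response_uri`; if the flexibility mentioned in the comment must go further than that, keep `test()` but escape and anchor the pattern. config_oidc4vp begins above the hunk.

```shell
# … unchanged: for loop header and target_uri lookup …
if [ "${target_uri}" != "${RESPONSE_URI}" ]; then
  # literal comparison: a URL is not a safe regex
  filtered_data="$(jq --arg uri "${RESPONSE_URI}" \
    'first(.[][] | select((.response_uri | rtrimstr("/")) == ($uri | rtrimstr("/"))))' "${host}")"
  client_id="$(printf '%s' "${filtered_data}" | jq -r '.client_id // empty')"
  client_secret="$(printf '%s' "${filtered_data}" | jq -r '.client_secret // empty')"
  if [ -z "${client_id}" ] || [ -z "${client_secret}" ]; then
    echo "no client entry for ${RESPONSE_URI} in ${host}, skipping" >&2
    continue
  fi
  _set my_client_id "${client_id}" "${target_uri}"
  _set my_client_secret "${client_secret}" "${target_uri}"
fi
```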