Really fix the JWT service lookup (#10)

The option to enable lookups was fine, but I forgot to remove the manual lookup - aargh.
2026-03-29 08:39:55 +00:00 · 2023-07-11 22:16:54 +01:00
parent 4c5632add4
commit 6d9c34f821
1 changed files with 2 additions and 18 deletions
--- a/main.go
+++ b/main.go
@@ -22,7 +22,6 @@ import (
 	"log"
 	"net/http"
 	"os"
-	"strings"

 	"time"

@@ -61,25 +60,10 @@ func exchangeOIDCToken(
 		return nil, errors.New("Missing parameters in OIDC token")
 	}

-	resolveResults, err := fclient.ResolveServer(ctx, spec.ServerName(token.MatrixServerName))
-	if err != nil {
-		log.Printf("Failed to resolve Matrix server name: %s %v", token.MatrixServerName, err)
-		return nil, errors.New("Failed to resolve Matrix server name")
-	}
-	if len(resolveResults) == 0 {
-		log.Printf("No results returned from server name resolution of %s!", token.MatrixServerName)
-		return nil, errors.New("No results returned from server name resolution!")
-	}
-
-	// XXX: Remove trailing :443 from the hostname, otherwise the TLS cert will fail to verify
-	// because it will include the port number. This clearly is not the right way of doing this
-	// but right now I don't know what is.
-	hackHostName := spec.ServerName(strings.TrimSuffix(string(resolveResults[0].Host), ":443"))
-
-	client := fclient.NewClient()
+	client := fclient.NewClient(fclient.WithWellKnownSRVLookups(true))
 	// validate the openid token by getting the user's ID
 	userinfo, err := client.LookupUserInfo(
-		ctx, hackHostName, token.AccessToken,
+		ctx, spec.ServerName(token.MatrixServerName), token.AccessToken,
 	)
 	if err != nil {
 		log.Printf("Failed to look up user info: %v", err)