fix: relax auth_endpoint handling. Doesn't have to be available when …

…doing pre-auth flow. Client handles errors anyway in case of auth/par flow
Sphereon-Opensource · Sep 28, 2023 · ce39958 · ce39958
1 parent cb5f9c1
commit ce39958
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/packages/client/lib/MetadataClient.ts b/packages/client/lib/MetadataClient.ts
@@ -91,7 +91,9 @@ export class MetadataClient {
       }
       debug(`Issuer ${issuer} has ${authorizationServerType} Server metadata in well-known location`);
       if (!authMetadata.authorization_endpoint) {
-        console.warn(`Issuer ${issuer} of type ${authorizationServerType} has no authorization_endpoint! Will use ${authorization_endpoint}`);
+        console.warn(
+          `Issuer ${issuer} of type ${authorizationServerType} has no authorization_endpoint! Will use ${authorization_endpoint}. This only works for pre-authorized flows`,
+        );
       } else if (authorization_endpoint && authMetadata.authorization_endpoint !== authorization_endpoint) {
         throw Error(
           `Credential issuer has a different authorization_endpoint (${authorization_endpoint}) from the Authorization Server (${authMetadata.authorization_endpoint})`,