Fix the fix

Source/ProofOfConcept/Program.cs

@@ -43,54 +43,54 @@ builder.Services
     {
         // Point directly at the third-party metadata
         // Metadata is wrong... it sets non-existing uris like: "jwks_uri": "https://fleet-auth.tesla.com/oauth2/v3/discovery/thirdparty/keys"
-        //o.MetadataAddress = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/thirdparty/.well-known/openid-configuration";
+        // o.MetadataAddress = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/thirdparty/.well-known/openid-configuration";
+        //
+        // // === Use Fleet-Auth third-party OIDC config ===
+        // o.Authority = "https://fleet-auth.tesla.com/oauth2/v3/nts";
+        //
+        // o.Configuration ??= new OpenIdConnectConfiguration();
+        // o.Configuration.AuthorizationEndpoint = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/authorize";
+        // o.Configuration.TokenEndpoint = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/token";
+        // o.Configuration.JwksUri = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/discovery/thirdparty/keys";
+        // o.Configuration.EndSessionEndpoint = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/logout";
+        // o.Configuration.UserInfoEndpoint = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/userinfo";
+        //
+        // o.Configuration.TokenEndpointAuthMethodsSupported.Clear();
+        // o.Configuration.TokenEndpointAuthMethodsSupported.Add("client_secret_post");
+        //
+        // o.Configuration.ResponseModesSupported.Clear();
+        // o.Configuration.ResponseModesSupported.Add("query");
+        //
+        // o.Configuration.GrantTypesSupported.Clear();
+        // o.Configuration.GrantTypesSupported.Add("authorization_code");
+        //
+        // o.Configuration.SubjectTypesSupported.Clear();
+        // o.Configuration.SubjectTypesSupported.Add("public");
+        //
+        // o.Configuration.ScopesSupported.Clear();
+        // o.Configuration.ScopesSupported.Add("openid");
+        // o.Configuration.ScopesSupported.Add("email");
+        // o.Configuration.ScopesSupported.Add("profile");
+        // o.Configuration.ScopesSupported.Add("metadata");
+        //
+        // o.Configuration.IdTokenSigningAlgValuesSupported.Clear();
+        // o.Configuration.IdTokenSigningAlgValuesSupported.Add("RS256");
+        //
+        // o.Configuration.TokenEndpointAuthSigningAlgValuesSupported.Clear();
+        // o.Configuration.TokenEndpointAuthSigningAlgValuesSupported.Add("RS256");
+        //
+        // o.Configuration.ClaimsSupported.Clear();
+        // o.Configuration.ClaimsSupported.Add("iss");
+        // o.Configuration.ClaimsSupported.Add("iat");
+        // o.Configuration.ClaimsSupported.Add("exp");
+        // o.Configuration.ClaimsSupported.Add("nonce");
+        // o.Configuration.ClaimsSupported.Add("sub");
+        // o.Configuration.ClaimsSupported.Add("aud");
 
-        // === Use Fleet-Auth third-party OIDC config ===
+        o.ConfigurationManager = new TeslaOIDCConfigurationManager("https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/thirdparty/.well-known/openid-configuration");
-        o.Authority = "https://fleet-auth.tesla.com/oauth2/v3/nts";
-        
-        o.Configuration ??= new OpenIdConnectConfiguration();
-        o.Configuration.AuthorizationEndpoint = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/authorize";
-        o.Configuration.TokenEndpoint = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/token";
-        o.Configuration.JwksUri = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/discovery/thirdparty/keys";
-        o.Configuration.EndSessionEndpoint = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/logout";
-        o.Configuration.UserInfoEndpoint = "https://fleet-auth.prd.vn.cloud.tesla.com/oauth2/v3/userinfo";
-        
-        o.Configuration.TokenEndpointAuthMethodsSupported.Clear();
-        o.Configuration.TokenEndpointAuthMethodsSupported.Add("client_secret_post");
-
-        o.Configuration.ResponseModesSupported.Clear();
-        o.Configuration.ResponseModesSupported.Add("query");
-        
-        o.Configuration.GrantTypesSupported.Clear();
-        o.Configuration.GrantTypesSupported.Add("authorization_code");
-        
-        o.Configuration.SubjectTypesSupported.Clear();
-        o.Configuration.SubjectTypesSupported.Add("public");
-        
-        o.Configuration.ScopesSupported.Clear();
-        o.Configuration.ScopesSupported.Add("openid");
-        o.Configuration.ScopesSupported.Add("email");
-        o.Configuration.ScopesSupported.Add("profile");
-        o.Configuration.ScopesSupported.Add("metadata");
-        
-        o.Configuration.IdTokenSigningAlgValuesSupported.Clear();
-        o.Configuration.IdTokenSigningAlgValuesSupported.Add("RS256");
-        
-        o.Configuration.TokenEndpointAuthSigningAlgValuesSupported.Clear();
-        o.Configuration.TokenEndpointAuthSigningAlgValuesSupported.Add("RS256");
-        
-        o.Configuration.ClaimsSupported.Clear();
-        o.Configuration.ClaimsSupported.Add("iss");
-        o.Configuration.ClaimsSupported.Add("iat");
-        o.Configuration.ClaimsSupported.Add("exp");
-        o.Configuration.ClaimsSupported.Add("nonce");
-        o.Configuration.ClaimsSupported.Add("sub");
-        o.Configuration.ClaimsSupported.Add("aud");
-        
-        o.ConfigurationManager = 
 
         // Standard OIDC web app settings
-        o.ResponseType = OpenIdConnectResponseType.Code;
+        o.ResponseType = "code";
         o.UsePkce = true;
         o.SaveTokens = true;