From 13fb53daf68696fbad9045555d330e9f60222cb5 Mon Sep 17 00:00:00 2001
From: Guilherme de Freitas <guilherme.de-freitas@diamond.ac.uk>
Date: Mon, 11 Sep 2023 13:30:35 +0100
Subject: [PATCH 1/3] Add extra logging for OIDC endpoint discovery failure

---
 api/src/Authentication/Type/OIDC.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/api/src/Authentication/Type/OIDC.php b/api/src/Authentication/Type/OIDC.php
index 269abbd73..e9a9e99ba 100644
--- a/api/src/Authentication/Type/OIDC.php
+++ b/api/src/Authentication/Type/OIDC.php
@@ -18,6 +18,12 @@ function __construct() {
         curl_setopt($ch, CURLOPT_HEADER, 0);
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
         $response = curl_exec($ch);
+
+        if (curl_errno($ch) || curl_getinfo($ch, CURLINFO_HTTP_CODE != 200)) {
+            error_log("Failed to connect to OIDC discovery endpoint");
+            return;
+        }
+
         curl_close($ch);
         $newProviderConfig = json_decode($response);
 
@@ -25,7 +31,7 @@ function __construct() {
             || !isset($newProviderConfig->userinfo_endpoint)
             || !isset($newProviderConfig->authorization_endpoint) 
             || !isset($newProviderConfig->token_endpoint)) {
-            error_log("OIDC Authentication provider replied with invalid JSON body");
+            error_log("OIDC Authentication provider replied with invalid JSON discovery body");
             return;
         }
         $newProviderConfig->b64ClientCreds = base64_encode(

From cb616c42cba9eb7fdc0faff10bf39a452a350222 Mon Sep 17 00:00:00 2001
From: Guilherme de Freitas <guilherme.de-freitas@diamond.ac.uk>
Date: Wed, 27 Sep 2023 12:01:34 +0100
Subject: [PATCH 2/3] Log HTTP code, error code

---
 api/src/Authentication/Type/OIDC.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/api/src/Authentication/Type/OIDC.php b/api/src/Authentication/Type/OIDC.php
index e9a9e99ba..fa92e50ef 100644
--- a/api/src/Authentication/Type/OIDC.php
+++ b/api/src/Authentication/Type/OIDC.php
@@ -18,9 +18,11 @@ function __construct() {
         curl_setopt($ch, CURLOPT_HEADER, 0);
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
         $response = curl_exec($ch);
+        $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+        $errno = curl_errno($ch);
 
-        if (curl_errno($ch) || curl_getinfo($ch, CURLINFO_HTTP_CODE != 200)) {
-            error_log("Failed to connect to OIDC discovery endpoint");
+        if ($errno || http_code != 200) {
+            error_log("Failed to connect to OIDC discovery endpoint. HTTP code: " . $http_code . ". CURL err. no.: " . $errno);
             return;
         }
 

From 6c9eb8c8ea4966374d56ebb1ec5460d9304143e7 Mon Sep 17 00:00:00 2001
From: John Holt <John.Holt@diamond.ac.uk>
Date: Thu, 28 Sep 2023 17:05:10 +0100
Subject: [PATCH 3/3] synctax error

---
 api/src/Authentication/Type/OIDC.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api/src/Authentication/Type/OIDC.php b/api/src/Authentication/Type/OIDC.php
index fa92e50ef..850f2d89a 100644
--- a/api/src/Authentication/Type/OIDC.php
+++ b/api/src/Authentication/Type/OIDC.php
@@ -21,7 +21,7 @@ function __construct() {
         $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
         $errno = curl_errno($ch);
 
-        if ($errno || http_code != 200) {
+        if ($errno || $http_code != 200) {
             error_log("Failed to connect to OIDC discovery endpoint. HTTP code: " . $http_code . ". CURL err. no.: " . $errno);
             return;
         }