@@ -471,7 +471,7 @@ function shouldAttemptFallback(response: Response | undefined, pathname: string)
471
471
async function discoverMetadataWithFallback (
472
472
serverUrl : string | URL ,
473
473
wellKnownType : 'oauth-authorization-server' | 'oauth-protected-resource' ,
474
- opts ?: { protocolVersion ?: string ; metadataUrl ?: string | URL } ,
474
+ opts ?: { protocolVersion ?: string ; metadataUrl ?: string | URL , metadataServerUrl ?: string | URL } ,
475
475
) : Promise < Response | undefined > {
476
476
const issuer = new URL ( serverUrl ) ;
477
477
const protocolVersion = opts ?. protocolVersion ?? LATEST_PROTOCOL_VERSION ;
@@ -482,7 +482,7 @@ async function discoverMetadataWithFallback(
482
482
} else {
483
483
// Try path-aware discovery first
484
484
const wellKnownPath = buildWellKnownPath ( wellKnownType , issuer . pathname ) ;
485
- url = new URL ( wellKnownPath , issuer ) ;
485
+ url = new URL ( wellKnownPath , opts ?. metadataServerUrl ?? issuer ) ;
486
486
url . search = issuer . search ;
487
487
}
488
488
@@ -525,9 +525,13 @@ export async function discoverOAuthMetadata(
525
525
protocolVersion ??= LATEST_PROTOCOL_VERSION ;
526
526
527
527
const response = await discoverMetadataWithFallback (
528
- authorizationServerUrl ,
528
+ issuer ,
529
+ // authorizationServerUrl,
529
530
'oauth-authorization-server' ,
530
- { protocolVersion} ,
531
+ {
532
+ protocolVersion,
533
+ metadataServerUrl : authorizationServerUrl ,
534
+ } ,
531
535
) ;
532
536
533
537
if ( ! response || response . status === 404 ) {
0 commit comments