Create a new http client in fulcio and pass it to the oidc context

Signed-off-by: Cyril Cordoui <ccordoui@redhat.com>
sigstore · Nov 7, 2023 · 10423a4 · 10423a4
1 parent 328b378
commit 10423a4
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/pkg/config/config.go b/pkg/config/config.go
@@ -168,8 +168,14 @@ func (fc *FulcioConfig) GetVerifier(issuerURL string, opts ...InsecureOIDCConfig
 	// If this issuer hasn't been recently used, or we have special config options, then create a new verifier
 	// and add it to the LRU cache.
 
-	ctx, cancel := context.WithTimeout(context.Background(), defaultOIDCDiscoveryTimeout)
+	parentContext, cancel := context.WithTimeout(context.Background(), defaultOIDCDiscoveryTimeout)
 	defer cancel()
+
+	// go-oidc use DefaultClient and it does not take into account our custom config of http.DefaultTransport
+	// ClientContext create a new Context that carries our http client.
+
+	oidcClient := &http.Client{}
+	ctx := oidc.ClientContext(parentContext, oidcClient)
 	provider, err := oidc.NewProvider(ctx, issuerURL)
 	if err != nil {
 		log.Logger.Warnf("Failed to create provider for issuer URL %q: %v", issuerURL, err)