From 912c2a7993ba0775d183329373a03e47b0c42fdd Mon Sep 17 00:00:00 2001
From: Seongmin Lee <git@boltless.me>
Date: Sun, 19 Oct 2025 22:38:47 +0900
Subject: [PATCH] appview/oauth: support custom PLC directory
Change-Id: kxozpvvnyuuormzuppxyuxopuzxpmkoz

- inherit idResolver's PLC directory for oauth
- override `Client.Transport` to support PDS served in localhost

Signed-off-by: Seongmin Lee <git@boltless.me>
---
 appview/oauth/oauth.go | 10 +++++++++-
 appview/state/login.go |  1 +
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/appview/oauth/oauth.go b/appview/oauth/oauth.go
index 78ee421f..476b83bb 100644
--- a/appview/oauth/oauth.go
+++ b/appview/oauth/oauth.go
@@ -58,8 +58,16 @@ func New(config *config.Config, ph posthog.Client, db *db.DB, enforcer *rbac.Enf
 
 	sessStore := sessions.NewCookieStore([]byte(config.Core.CookieSecret))
 
+	clientApp := oauth.NewClientApp(&oauthConfig, authStore)
+	// use same plc directory from idresolver
+	clientApp.Dir = res.Directory()
+	// allow non-public transports in dev mode
+	if config.Core.Dev {
+		clientApp.Resolver.Client.Transport = http.DefaultTransport
+	}
+
 	return &OAuth{
-		ClientApp:  oauth.NewClientApp(&oauthConfig, authStore),
+		ClientApp:  clientApp,
 		Config:     config,
 		SessStore:  sessStore,
 		JwksUri:    jwksUri,
diff --git a/appview/state/login.go b/appview/state/login.go
index a476cfb3..2dd0faa3 100644
--- a/appview/state/login.go
+++ b/appview/state/login.go
@@ -44,6 +44,7 @@ func (s *State) Login(w http.ResponseWriter, r *http.Request) {
 
 		redirectURL, err := s.oauth.ClientApp.StartAuthFlow(r.Context(), handle)
 		if err != nil {
+			l.Error("failed to start auth", "err", err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
-- 
2.43.0