From 87a56aa9546c5a641445a31f1e82c71d1cfc05ff Mon Sep 17 00:00:00 2001
From: George Jahad
Date: Fri, 11 Oct 2024 11:01:30 -0700
Subject: [PATCH] don't refresh the provider unnecessarily
---
 app/lib/clients/vault/oidc.rb | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/app/lib/clients/vault/oidc.rb b/app/lib/clients/vault/oidc.rb
index 8a05613..6246a9d 100644
--- a/app/lib/clients/vault/oidc.rb
+++ b/app/lib/clients/vault/oidc.rb
@@ -22,7 +22,7 @@
 Note that this provider is only meant to be used in our dev/test environment to excercise the client. In a prod env, a real OIDC
-provider is configured in.
+provider is configured in config/astral.yml
 =end
 module Clients
@@ -30,12 +30,15 @@ class Vault
 module Oidc
 cattr_accessor :provider
 def configure_oidc_provider
- if oidc_provider.logical.read("identity/oidc/provider/astral").nil?
+ provider = oidc_provider.logical.read("identity/oidc/provider/astral")
+ if provider.nil?
 create_provider_webapp
 create_provider_with_email_scope
 create_entity_for_initial_user
 create_userpass_for_initial_user
 map_userpass_to_entity
+ else
+ set_client_id
 end
 end
@@ -74,6 +77,10 @@ def create_provider_webapp
 WEBAPP_NAME,
 redirect_uris: redirect_uris,
 assignments: "allow_all")
+ set_client_id
+ end
+
+ def set_client_id
 app = oidc_provider.logical.read(WEBAPP_NAME)
 @@client_id = app.data[:client_id]
 @@client_secret = app.data[:client_secret]
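Review bot: The new local `provider` in `configure_oidc_provider` has the same name as the `cattr_accessor :provider` declared just above it, so a reader can easily take the assignment for a write to the class attribute. It only creates a method-local variable, which is then used solely for the nil check. A distinct name such as `existing_provider = oidc_provider.logical.read("identity/oidc/provider/astral")` followed by `if existing_provider.nil?` removes the ambiguity. Separately, the `else` branch treats the provider's presence as proof that the webapp client also exists, which is worth stating in a comment such as `# provider already set up: only reload the client credentials`.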
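Review bot: `set_client_id` dereferences `app.data` without checking that the read returned anything, and it is now also reached from the `else` branch of `configure_oidc_provider`, where the client was not created immediately beforehand. The nil check in `configure_oidc_provider` suggests `logical.read` returns nil for a missing path; if so, a Vault that has the provider but not the client entry would fail here with a `NoMethodError` on nil and no hint of which object is missing. A guard after the read, `raise "OIDC client #{WEBAPP_NAME} not found in Vault" if app.nil?`, makes that state explicit. The method also stores `@@client_secret`, so a name and short comment covering both values (for example `# caches the client id and secret read back from Vault`) would describe it better than `set_client_id`. The method's closing lines are outside the hunk.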