Hi,

there was already a lot of discussion around some Azure specific stuff, so here is another:

When using Azure Active Directory B2C the configuration can be found under: https://fabrikamb2c.b2clogin.com/775527ff-9a37-4307-8b3d-cc311f58d925/b2c_1_sign_in/v2.0/.well-known/openid-configuration

However, this is non-complaint, since the issuer does not match.

But, you can also access a similar configuration using query params: https://fabrikamb2c.b2clogin.com/775527ff-9a37-4307-8b3d-cc311f58d925/v2.0/.well-known/openid-configuration?p=b2c_1_sign_in

Which has a correct issuer.

However, this currently is not supported, because of the way the URL is formed here: https://github.com/coreos/go-oidc/blob/v2/oidc.go#L114

There already was a pull request addressing this issue, but it was closed, since a proper motivation/discussion was missing (#217).

I hope we can have this discussion here.