IdentityModel.OidcClient
Discovery Document Request does not use Discovery Policy Authority for Request Address
There is a problem with the discovery document request when using it with AWS Cognito (AWS's IdP), where the discovery authority differs from the authority of the OAuth endpoints.
That is, the AWS Cognito discovery endpoint authority will always be: "https://cognito-idp.{region}.amazonaws.com/"
And the AWS Cognito default domain authority is: "https://{custom}.auth.{region}.amazoncognito.com"
The code in question is located here on line 401 of OidcClient.
This code change uses the Authority defined in the Discovery Policy instead of the default Authority defined in the Client Options. The fallback is the Client Options Authority.
A proper solution is to check whether a DiscoveryPolicy Authority has been specified and, if so, use it instead of Options.Authority when setting the Address property of the DiscoveryDocumentRequest.
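The selection rule described above, written out as an added illustration (this is not the PR's diff or the library's own code). It assumes the public IdentityModel types `OidcClientOptions`, `DiscoveryPolicy` and `DiscoveryDocumentRequest`; the `DiscoveryAddressResolver` class, the region `us-east-1`, the domain prefix `example-app` and the client id are constructed placeholders, not real deployments:

```csharp
using System;
using IdentityModel.Client;
using IdentityModel.OidcClient;

// Illustrative helper (not the library's code): choose the address for the
// discovery document request, preferring the DiscoveryPolicy authority when
// one has been configured and falling back to Options.Authority otherwise.
public static class DiscoveryAddressResolver
{
    public static string Resolve(OidcClientOptions options)
    {
        if (options == null) throw new ArgumentNullException(nameof(options));

        var policyAuthority = options.Policy?.Discovery?.Authority;

        // An unset or blank policy authority means "same as the client authority".
        return string.IsNullOrWhiteSpace(policyAuthority)
            ? options.Authority
            : policyAuthority;
    }

    public static DiscoveryDocumentRequest BuildRequest(OidcClientOptions options)
    {
        return new DiscoveryDocumentRequest
        {
            Address = Resolve(options),
            // Keep the same policy on the request so issuer/endpoint validation
            // still runs against the discovery authority that was configured.
            Policy = options.Policy.Discovery
        };
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample values in the shape of the two Cognito authorities
        // described above; region and domain prefix are placeholders.
        var options = new OidcClientOptions
        {
            Authority = "https://example-app.auth.us-east-1.amazoncognito.com",
            ClientId = "placeholder-client-id",
            RedirectUri = "myapp://callback"
        };
        options.Policy.Discovery.Authority = "https://cognito-idp.us-east-1.amazonaws.com/";

        // With a discovery authority set, the request goes to cognito-idp.
        var request = DiscoveryAddressResolver.BuildRequest(options);
        Console.WriteLine(request.Address);

        // With it cleared, the resolver falls back to Options.Authority.
        options.Policy.Discovery.Authority = null;
        Console.WriteLine(DiscoveryAddressResolver.Resolve(options));
    }
}
```

Note that selecting the request address is only half of the Cognito case: the discovery policy's endpoint validation compares the endpoints in the document against the policy authority, and with Cognito the authorize and token endpoints live under the `amazoncognito.com` domain rather than `cognito-idp`. A caller using this approach should therefore expect to add that domain to `DiscoveryPolicy.AdditionalEndpointBaseAddresses` (or otherwise account for it in the policy) rather than disabling endpoint validation, so the client still rejects a discovery document that points to an unexpected host.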