
Intermittent Azure AD discovery failures during cold start with lua-resty-openidc

Open TickettEnterprises opened this issue 8 months ago • 0 comments

I have the following production environment setup:

  • openresty:alpine-fat docker image deployed to AWS App Runner
  • Nginx files using lua-resty-openidc.

When hitting the URL of the server, there is a cold start if the docker image hasn't been running for a while. I sometimes get an `accessing discovery url (https://login.microsoftonline.com/organizations/v2.0/.well-known/openid-configuration) failed: network unreachable` error. After a few seconds, I can refresh the page and the error is gone. I also see the same error when using the docker image in Docker Desktop.

To get around this error, I've created a retry wrapper, passing in a delay and retry.

```lua
local _M = {}

-- Retry wrapper around resty.openidc.authenticate(): on any failure it sleeps
-- for retry_delay seconds and tries again, up to max_retries times in total.
function _M.authenticate_with_retry(opts, max_retries, retry_delay)
  local res, err
  local attempts = 0
  -- the values may arrive as strings from nginx variables; default if unset
  max_retries = tonumber(max_retries) or 3
  retry_delay = tonumber(retry_delay) or 1

  while attempts < max_retries do
    -- only the first return value is kept; target_url and session are dropped
    res, err = require("resty.openidc").authenticate(opts)
    if res then
      return res
    end
    attempts = attempts + 1
    if attempts < max_retries then
      ngx.log(ngx.NOTICE, "Authentication failed, attempt ", attempts, " of ", max_retries, ". Retrying in ", retry_delay, " seconds.")
      ngx.sleep(retry_delay) -- non-blocking cosocket sleep, usable in the access phase
    end
  end
  ngx.log(ngx.ERR, "Authentication failed after ", max_retries, " attempts: ", err)
  return nil, err
end

return _M
```

Usage:

```lua
local res, err = require("auth_retry").authenticate_with_retry(opts, max_retries, retry_delay)
```

Is there any built in functionality that already handles this? Or is this something we should raise a pull request to implement?

Thanks

TickettEnterprises, Apr 10 '25 11:04
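A hardened variant of the wrapper in the post, as an added example that is neither the issue author's code nor part of lua-resty-openidc: it retries only when the error text looks like a transient transport failure (so an expired token or a bad `state` is reported immediately instead of being retried three times), uses capped exponential backoff with jitter so a burst of cold-start requests does not hit the IdP in lockstep, and passes through all of `authenticate()`'s return values. The transient-error substrings, the module name and the default attempt/delay values are assumptions.

```lua
-- Added example; assumes the OpenResty API (ngx.log, ngx.sleep) and that
-- resty.openidc.authenticate() returns res, err, target_url, session.
local openidc = require("resty.openidc")

local _M = {}

-- Substrings (assumed, lower-case) that indicate a transport-level problem
-- worth retrying. Anything else is treated as a real authentication failure.
local TRANSIENT_PATTERNS = {
  "network unreachable",
  "connection refused",
  "timeout",
  "closed",
}

local function is_transient(err)
  if type(err) ~= "string" then return false end
  local lower = err:lower()
  for _, pat in ipairs(TRANSIENT_PATTERNS) do
    if lower:find(pat, 1, true) then return true end -- plain substring match
  end
  return false
end
_M.is_transient = is_transient

-- Retries on transient errors only; delay doubles each time, capped at
-- max_delay, with 50-100% random jitter applied to each sleep.
function _M.authenticate_with_backoff(opts, max_attempts, base_delay, max_delay)
  max_attempts = tonumber(max_attempts) or 3
  base_delay = tonumber(base_delay) or 0.5
  max_delay = tonumber(max_delay) or 5
  local res, err, target_url, session
  for attempt = 1, max_attempts do
    res, err, target_url, session = openidc.authenticate(opts)
    if res or not is_transient(err) then
      return res, err, target_url, session -- success, or a non-retryable error
    end
    if attempt < max_attempts then
      local delay = math.min(base_delay * 2 ^ (attempt - 1), max_delay)
      delay = delay * (0.5 + math.random() * 0.5)
      ngx.log(ngx.WARN, "transient OIDC failure (attempt ", attempt, "/", max_attempts,
              "): ", err, "; retrying in ", string.format("%.2f", delay), "s")
      ngx.sleep(delay)
    end
  end
  ngx.log(ngx.ERR, "OIDC authentication failed after ", max_attempts, " attempts: ", err)
  return nil, err
end

return _M
```

Because the error strings come from the HTTP client and cosocket layer, check the exact wording logged in your own environment before relying on the pattern list.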