From 6c5b693a58b15cefda3a7403bf51de71c223ef00 Mon Sep 17 00:00:00 2001
From: Juho Majasaari <juho.majasaari@iki.fi>
Date: Tue, 21 Jan 2025 17:24:48 +0200
Subject: [PATCH] use correct audience when requesting oidc token (#1744)

* use correct audience when requesting oidc token

* Update action.yml

* Update action.yml

---------

Co-authored-by: Tom Hu <88201630+thomasrockhu-codecov@users.noreply.github.com>
---
 action.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/action.yml b/action.yml
index 0a40b59..736e5c4 100644
--- a/action.yml
+++ b/action.yml
@@ -192,7 +192,7 @@ runs:
         then
           # {"count":1984,"value":"***"}
           echo -e "\033[0;32m==>\033[0m Requesting OIDC token from '$ACTIONS_ID_TOKEN_REQUEST_URL'"
-          CC_TOKEN=$(curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=https://codecov.io" | cut -d\" -f6)
+          CC_TOKEN=$(curl -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=$CC_OIDC_AUDIENCE" | cut -d\" -f6)
           echo "CC_TOKEN=$CC_TOKEN" >> "$GITHUB_ENV"
         elif [ -n "${{ env.CODECOV_TOKEN }}" ];
         then
@@ -206,6 +206,8 @@ runs:
             echo "CC_TOKEN=$CC_TOKEN" >> "$GITHUB_ENV"
           fi
         fi
+      env:
+        CC_OIDC_AUDIENCE: ${{ inputs.url || 'https://codecov.io' }}
 
     - name: Override branch for forks
       shell: bash