What is c in c.get('oidcAuthorizationServer') in the oidc-auth's README example?

[thara]

In the README of oidc-auth, under the section "Using original response or additional claims", there is the following code:

const oidcClaimsHook = async (orig: OidcAuth | undefined, claims: IDToken | undefined, _response: TokenEndpointResponses): Promise<OidcAuthClaims> => {
  /*
  const { someOtherInfo } = await fetch(c.get('oidcAuthorizationServer').userinfo_endpoint, {
    header: _response.access_token
  }).then((res) => res.json())
  */
...

However, I can't find where c is defined or how it should be resolved in this context.

Am I missing something?

[manimovassagh]

The c in that code snippet is the Hono Context object — it looks like a bug in the README where the c variable is referenced inside the hook but is not actually in scope there.

The oidcClaimsHook callback only receives (orig, claims, _response) — it does not receive the Hono context. The commented-out code is showing a conceptual example of what you could do (fetch additional user info from the userinfo endpoint), but as written it would not work because c is not available inside that closure.

If you actually need access to the authorization server metadata inside the hook, you would need to either:

1. Capture it in a middleware before the hook runs and pass it via closure:

app.use("/*", async (c, next) => {
  const oidcAuth = oidcAuthMiddleware({
    oidcClaimsHook: async (orig, claims, response) => {
      // Access c here via closure
      const server = c.get("oidcAuthorizationServer");
      const userInfo = await fetch(server.userinfo_endpoint, {
        headers: { Authorization: `Bearer ${response.access_token}` },
      }).then((res) => res.json());

      return { ...orig, ...userInfo };
    },
  });
  return oidcAuth(c, next);
});

2. Hard-code the userinfo endpoint if you already know your OIDC providers discovery URL.

Worth opening an issue or PR to fix that README snippet — it is misleading as-is.