Multi-tenant "issuer in id_token is not equal to the issuer from the discovery document" #539

@TickettEnterprises

I have lua-resty-openidc configured and working fine with the config:

local opts = {
  redirect_uri_path = "http://localhost/return",
  discovery = "https://login.microsoftonline.com/aaa/v2.0/.well-known/openid-configuration",
  client_id = "xxx",
  client_secret = "yyy",
  scope = "openid",
}
local res, err = require("resty.openidc").authenticate(opts)

But my Azure application is configured for multi-tenant authentication. When I try using the multi-tenant organizations discovery URL like:

local opts = {
  redirect_uri_path = "http://localhost/return",
  discovery = "https://login.microsoftonline.com/organizations/v2.0/.well-known/openid-configuration",
  client_id = "xxx",
  client_secret = "yyy",
  scope = "openid",
}
local res, err = require("resty.openidc").authenticate(opts)

I get an error message: "issuer in id_token is not equal to the issuer from the discovery document".

I can work around this by patching openidc.lua, changing:

  -- check issuer
  if opts.discovery.issuer ~= id_token.iss then
    log(ERROR, "issuer \"", id_token.iss, "\" in id_token is not equal to the issuer from the discovery document \"", opts.discovery.issuer, "\"")
    return false
  end

To:

  -- check issuer
  if opts.discovery.issuer ~= "https://login.microsoftonline.com/{tenantid}/v2.0" and opts.discovery.issuer ~= id_token.iss then
    log(ERROR, "issuer \"", id_token.iss, "\" in id_token is not equal to the issuer from the discovery document \"", opts.discovery.issuer, "\"")
    return false
  end

But I wonder if multi-tenant configuration is supported and/or if there's a better way?

If this solution is good then shall I raise a pull request?

Thanks
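The proposed patch above has a side effect worth spelling out: whenever the discovery document's issuer is the Azure AD template `https://login.microsoftonline.com/{tenantid}/v2.0`, the `and` short-circuits and the issuer of the id_token is never compared to anything, so a token minted by any tenant is accepted. The template exists precisely so that the relying party can fill in the tenant itself. The following is an added example, not code from lua-resty-openidc or from the issue author, showing an alternative shape for the check: substitute the token's `tid` claim (the Azure AD tenant-id claim) into the templated issuer and require an exact match, then additionally pin the tenants the deployment trusts. `opts.allowed_tenants` is a hypothetical option invented for the example; the library does not define it. The sample tenant ids and token claims are constructed.

```lua
-- Added example (not lua-resty-openidc code). Validates an id_token issuer
-- against a discovery issuer that may contain Azure AD's "{tenantid}"
-- placeholder, without disabling the check for multi-tenant discovery.

local TENANT_PLACEHOLDER = "{tenantid}"

-- Returns the issuer the id_token must carry. For a templated issuer the
-- token's tid claim is substituted in; returns nil when the template cannot
-- be resolved because the token carries no usable tid.
local function expected_issuer(discovery_issuer, id_token)
  if not string.find(discovery_issuer, TENANT_PLACEHOLDER, 1, true) then
    return discovery_issuer -- single-tenant metadata: exact match required
  end
  local tid = id_token.tid
  if type(tid) ~= "string" or tid == "" then
    return nil
  end
  -- The replacement is supplied as a function so that a "%" in tid could
  -- never be interpreted as a capture reference by gsub.
  return (string.gsub(discovery_issuer, TENANT_PLACEHOLDER, function() return tid end))
end

-- Returns true on success, or false plus a reason string on failure.
-- opts.allowed_tenants (hypothetical) is a set: { [tenant_id] = true, ... }.
local function check_issuer(opts, id_token)
  local want = expected_issuer(opts.discovery.issuer, id_token)
  if not want then
    return false, "discovery issuer is templated but id_token has no tid claim"
  end
  if want ~= id_token.iss then
    return false, "issuer \"" .. tostring(id_token.iss)
      .. "\" in id_token is not equal to the expected issuer \"" .. want .. "\""
  end
  -- Resolving the template on its own still accepts a token from every
  -- Azure AD tenant, so a multi-tenant deployment should also pin the
  -- tenants it actually trusts.
  if opts.allowed_tenants and not opts.allowed_tenants[id_token.tid] then
    return false, "tenant \"" .. tostring(id_token.tid) .. "\" is not in allowed_tenants"
  end
  return true
end

-- Constructed sample input (no real tenants or tokens).
local opts = {
  discovery = { issuer = "https://login.microsoftonline.com/{tenantid}/v2.0" },
  allowed_tenants = {
    ["11111111-1111-1111-1111-111111111111"] = true,
  },
}

-- iss and tid agree, tenant is trusted: accepted
local trusted = {
  iss = "https://login.microsoftonline.com/11111111-1111-1111-1111-111111111111/v2.0",
  tid = "11111111-1111-1111-1111-111111111111",
}
-- well-formed token from a tenant that is not on the allowlist: rejected
local other_tenant = {
  iss = "https://login.microsoftonline.com/22222222-2222-2222-2222-222222222222/v2.0",
  tid = "22222222-2222-2222-2222-222222222222",
}
-- iss claims the trusted tenant but tid says otherwise: rejected
local mismatched = {
  iss = "https://login.microsoftonline.com/11111111-1111-1111-1111-111111111111/v2.0",
  tid = "22222222-2222-2222-2222-222222222222",
}

print(check_issuer(opts, trusted))
print(check_issuer(opts, other_tenant))
print(check_issuer(opts, mismatched))
```

Run with a plain `lua` interpreter; it has no OpenResty dependencies. Of the three constructed tokens only the first is accepted: the second fails the tenant allowlist, and the third fails the resolved-issuer comparison because its `iss` and `tid` disagree. In the library itself the equivalent of `check_issuer` would replace the `opts.discovery.issuer ~= id_token.iss` comparison and log through `log(ERROR, ...)` as the surrounding code does.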
