package op
import (
"encoding/json"
"fmt"
"net/http"
"github.com/gorilla/mux"
"gopkg.in/square/go-jose.v2"
)
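// WellKnownOIDCEndpoint serves the OpenID Connect discovery document for the
// namespace named in the request path.
//
// The issuer, and every endpoint URL derived from it, is assembled from
// op.Protocol, the request's Host header and the "namespace" route variable.
// r.Host is supplied by the client, so the document echoes whatever host the
// caller sent.
//
// NOTE(review): relying parties match this issuer against the iss claim of
// the tokens they accept. If this handler is reachable by untrusted clients,
// or its responses pass through a shared cache, build the issuer from a
// configured host name (or validate r.Host against an allow-list) instead of
// reflecting the header.
func (op *OIDCHandler) WellKnownOIDCEndpoint(w http.ResponseWriter, r *http.Request) {
	namespace := mux.Vars(r)["namespace"]
	issuer := fmt.Sprintf("%s://%s/%s", op.Protocol, r.Host, namespace)

	responseTypes := []string{"code", "code id_token", "id_token", "token id_token", "token", "token id_token code"}

	metadata := map[string]any{
		"issuer":                                issuer,
		"authorization_endpoint":                issuer + "/auth",
		"token_endpoint":                        issuer + "/token",
		"userinfo_endpoint":                     issuer + "/userinfo",
		"id_token_signing_alg_values_supported": []string{"RS256"},
		"grant_types_supported":                 []string{"authorization_code", "implicit", "client_credentials", "refresh_token"},
		// OpenID Connect Discovery names this field response_types_supported;
		// clients that follow the spec do not read "response_types".
		"response_types_supported": responseTypes,
		// Kept so existing consumers of the original key keep working.
		"response_types":           responseTypes,
		"response_modes_supported": []string{"query", "fragment"},
		"jwks_uri":                 issuer + "/.well-known/jwks.json",
	}

	// The local is named body rather than json so it does not shadow the
	// encoding/json package for the rest of the function.
	body, err := json.Marshal(metadata)
	if err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	w.Header().Set("Content-Type", "application/json")
	w.WriteHeader(http.StatusOK)
	// The status line is already sent; a failed write means the client went
	// away and there is nothing further to report.
	_, _ = w.Write(body)
}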
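// WellKnownJWKSEndpoint serves the JSON Web Key Set that relying parties use
// to verify signatures. The set holds one signing key: the public half of
// op.PrivateKey.
//
// NOTE(review): the key ID is the fixed string "kid-foo". Verifiers select
// and cache keys by kid, so a replaced key published under the same ID is
// indistinguishable from the old one; derive the ID from the key material
// (for example a thumbprint) if keys are ever rotated.
func (op *OIDCHandler) WellKnownJWKSEndpoint(w http.ResponseWriter, r *http.Request) {
	keySet := &jose.JSONWebKeySet{
		Keys: []jose.JSONWebKey{
			{
				KeyID: "kid-foo",
				Use:   "sig",
				// Only the public key is handed to the serializer; the private
				// key itself is never placed in the set.
				Key: &op.PrivateKey.PublicKey,
			},
		},
	}

	body, err := json.Marshal(keySet)
	if err != nil {
		// Stop here: the original fell through, called WriteHeader a second
		// time with 200 and wrote an empty body after a failed marshal.
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	w.Header().Set("Content-Type", "application/json")
	w.WriteHeader(http.StatusOK)
	// The status line is already sent; a failed write means the client went
	// away and there is nothing further to report.
	_, _ = w.Write(body)
}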