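package op

import (
	"encoding/json"
	"fmt"
	"net/http"

	"github.com/gorilla/mux"
	"gopkg.in/square/go-jose.v2"
)

// WellKnownOIDCEndpoint serves the OpenID Connect discovery document for the
// namespace named in the request path. The issuer is built as
// "<op.Protocol>://<request Host>/<namespace>" and every endpoint URL in the
// document is derived from it. It responds 200 with a JSON body, or 500 with
// no body if the document cannot be marshalled.
func (op *OIDCHandler) WellKnownOIDCEndpoint(w http.ResponseWriter, r *http.Request) {
	// NOTE(review): r.Host comes from the request and is client-controlled.
	// If untrusted clients or a shared cache can reach this handler, the
	// issuer, token endpoint and jwks_uri all follow whatever Host was sent.
	// Prefer a configured or allow-listed external host; left as-is here
	// because OIDCHandler's other fields are not visible from this file.
	issuer := fmt.Sprintf("%s://%s/%s", op.Protocol, r.Host, mux.Vars(r)["namespace"])

	// NOTE(review): this list advertises the implicit grant and the "token"
	// response types, which current OAuth 2.0 security guidance discourages.
	// Confirm they are really needed before exposing this beyond test setups.
	responseTypes := []string{"code", "code id_token", "id_token", "token id_token", "token", "token id_token code"}

	metadata := map[string]any{
		"issuer":                                issuer,
		"authorization_endpoint":                issuer + "/auth",
		"token_endpoint":                        issuer + "/token",
		"userinfo_endpoint":                     issuer + "/userinfo",
		"jwks_uri":                              issuer + "/.well-known/jwks.json",
		"id_token_signing_alg_values_supported": []string{"RS256"},
		"grant_types_supported":                 []string{"authorization_code", "implicit", "client_credentials", "refresh_token"},
		// OIDC Discovery names this field "response_types_supported"; the
		// original emitted only "response_types", which clients do not read.
		"response_types_supported": responseTypes,
		// Legacy, non-standard key kept so existing consumers of this
		// document do not break.
		"response_types":           responseTypes,
		"response_modes_supported": []string{"query", "fragment"},
		// NOTE(review): OIDC Discovery also requires "subject_types_supported";
		// it is not emitted because the supported subject types are not
		// visible from this file.
	}

	// The local is named body rather than json so it does not shadow the
	// encoding/json package for the rest of the function.
	body, err := json.Marshal(metadata)
	if err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	w.Header().Set("Content-Type", "application/json")
	w.WriteHeader(http.StatusOK)
	// Headers are already sent; a failed write cannot be reported to the client.
	_, _ = w.Write(body)
}

// WellKnownJWKSEndpoint serves a JSON Web Key Set holding the public half of
// op.PrivateKey as a single signature ("sig") key. It responds 200 with the
// JWKS as JSON, or 500 with no body if the key set cannot be marshalled.
func (op *OIDCHandler) WellKnownJWKSEndpoint(w http.ResponseWriter, r *http.Request) {
	// Only the public key is placed in the set; the private key is never
	// serialized.
	// NOTE(review): "kid-foo" is a hard-coded placeholder key ID. Issued
	// tokens must carry the same kid, and a fixed value gives relying parties
	// nothing to tell keys apart by during rotation.
	// NOTE(review): assumes op.PrivateKey is set before requests are served —
	// confirm against the constructor.
	jwks := &jose.JSONWebKeySet{
		Keys: []jose.JSONWebKey{
			{
				KeyID: "kid-foo",
				Use:   "sig",
				Key:   &op.PrivateKey.PublicKey,
			},
		},
	}

	body, err := json.Marshal(jwks)
	if err != nil {
		w.Header().Set("Content-Type", "application/json")
		w.WriteHeader(http.StatusInternalServerError)
		// Stop here: the original fell through, called WriteHeader a second
		// time with 200 and wrote an empty body after a failed marshal.
		return
	}

	w.Header().Set("Content-Type", "application/json")
	w.WriteHeader(http.StatusOK)
	// Headers are already sent; a failed write cannot be reported to the client.
	_, _ = w.Write(body)
}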