package op

import (
	"net/http"
	"time"

	"github.com/gorilla/csrf"
	"github.com/gorilla/mux"
	"github.com/spf13/viper"
)

// NewOIDCServer registers the OIDC provider endpoints on a new mux router and
// serves them over plain HTTP on the port configured under
// "services.oidc_provider.port".
//
// The call blocks in ListenAndServe and returns the error that ends it; that
// error is never nil.
//
// NOTE(review): ListenAndServe does no TLS, so the token, introspection and
// userinfo endpoints are presumably fronted by a TLS-terminating proxy. Confirm
// the deployment before exposing this listener directly.
func NewOIDCServer(oidc_handler *OIDCHandler, cfg *viper.Viper) error {
	devEnv := cfg.GetBool("dev_env")

	// Listens on every IPv4 interface. The port value is concatenated as-is;
	// nothing here checks that the setting is present or well-formed.
	listenAddr := "0.0.0.0:" + cfg.GetString("services.oidc_provider.port")
	//csrf_key = cfg.GetString("services.oidc_provider.csrf_key")

	routes := mux.NewRouter()

	// Every endpoint is scoped by a {namespace} path variable. No route is
	// restricted with Methods(), so each one matches any HTTP verb.
	// NOTE(review): the handlers are not visible here; verify that they
	// enforce the expected method themselves (e.g. POST on /token).
	endpoints := []struct {
		path    string
		handler func(http.ResponseWriter, *http.Request)
	}{
		{"/{namespace}/auth", oidc_handler.AuthEndpoint},
		{"/{namespace}/token", oidc_handler.TokenEndpoint},
		{"/{namespace}/introspect", oidc_handler.IntrospectionEndpoint},
		{"/{namespace}/userinfo", oidc_handler.UserinfoEndpoint},
		{"/{namespace}/.well-known/openid-configuration", oidc_handler.WellKnownOIDCEndpoint},
		{"/{namespace}/.well-known/jwks.json", oidc_handler.WellKnownJWKSEndpoint},
	}
	for _, ep := range endpoints {
		routes.HandleFunc(ep.path, ep.handler)
	}

	// NOTE(review): csrf.Secure only builds an Option value, and it is
	// discarded here. No csrf.Protect middleware wraps the router and the
	// csrf_key lookup above is commented out, so this branch has no effect and
	// the server runs without CSRF protection in every environment. Decide
	// whether /auth needs csrf.Protect(key, opts...) or drop the branch.
	if devEnv {
		csrf.Secure(false)
	}

	// Read and write deadlines bound how long a slow client can hold a
	// connection open.
	server := &http.Server{
		Handler:      routes,
		Addr:         listenAddr,
		WriteTimeout: 15 * time.Second,
		ReadTimeout:  15 * time.Second,
	}

	return server.ListenAndServe()
}