Domů Procházet Nápověda
Přihlásit se
TC
/
Zoraxy
zrcadlo https://git.hkwtc.org/TC/ReverseProxy
1
0
Rozštěpit 0
Soubory Úkoly 0 Wiki
Strom: fe83f9b94c
Větve Značky
Zoraxy
/
deprecated
/
sso_old
/
openid.go

openid.go 2.0 KB
Historie Surový

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758 
  1. package sso
    2. 

  2. 

  3. import (
    4. 

  4. 	"encoding/json"
    5. 

  5. 	"net/http"
    6. 

  6. 	"strings"
    7. 

  7. )
    8. 

  8. 

  9. type OpenIDConfiguration struct {
    10. 

  10. 	Issuer                           string   `json:"issuer"`
    11. 

  11. 	AuthorizationEndpoint            string   `json:"authorization_endpoint"`
    12. 

  12. 	TokenEndpoint                    string   `json:"token_endpoint"`
    13. 

  13. 	JwksUri                          string   `json:"jwks_uri"`
    14. 

  14. 	ResponseTypesSupported           []string `json:"response_types_supported"`
    15. 

  15. 	SubjectTypesSupported            []string `json:"subject_types_supported"`
    16. 

  16. 	IDTokenSigningAlgValuesSupported []string `json:"id_token_signing_alg_values_supported"`
    17. 

  17. 	ClaimsSupported                  []string `json:"claims_supported"`
    18. 

  18. }
    19. 

  19. 

  20. func (h *SSOHandler) HandleDiscoveryRequest(w http.ResponseWriter, r *http.Request) {
    21. 

  21. 

  22. 	//Prepend https:// if not present
    23. 

  23. 	authBaseURL := h.Config.AuthURL
    24. 

  24. 	if !strings.HasPrefix(authBaseURL, "http://") && !strings.HasPrefix(authBaseURL, "https://") {
    25. 

  25. 		authBaseURL = "https://" + authBaseURL
    26. 

  26. 	}
    27. 

  27. 

  28. 	//Handle the discovery request
    29. 

  29. 	discovery := OpenIDConfiguration{
    30. 

  30. 		Issuer:                 authBaseURL,
    31. 

  31. 		AuthorizationEndpoint:  authBaseURL + "/oauth2/authorize",
    32. 

  32. 		TokenEndpoint:          authBaseURL + "/oauth2/token",
    33. 

  33. 		JwksUri:                authBaseURL + "/jwks.json",
    34. 

  34. 		ResponseTypesSupported: []string{"code", "token"},
    35. 

  35. 		SubjectTypesSupported:  []string{"public"},
    36. 

  36. 		IDTokenSigningAlgValuesSupported: []string{
    37. 

  37. 			"RS256",
    38. 

  38. 		},
    39. 

  39. 		ClaimsSupported: []string{
    40. 

  40. 			"sub",                //Subject, usually the user ID
    41. 

  41. 			"iss",                //Issuer, usually the server URL
    42. 

  42. 			"aud",                //Audience, usually the client ID
    43. 

  43. 			"exp",                //Expiration Time
    44. 

  44. 			"iat",                //Issued At
    45. 

  45. 			"email",              //Email
    46. 

  46. 			"locale",             //Locale
    47. 

  47. 			"name",               //Full Name
    48. 

  48. 			"nickname",           //Nickname
    49. 

  49. 			"preferred_username", //Preferred Username
    50. 

  50. 			"website",            //Website
    51. 

  51. 		},
    52. 

  52. 	}
    53. 

  53. 

  54. 	//Write the response
    55. 

  55. 	js, _ := json.Marshal(discovery)
    56. 

  56. 	w.Header().Set("Content-Type", "application/json")
    57. 

  57. 	w.Write(js)
    58. 

  58. }
    59.