| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758 |
- package sso
- import (
- "encoding/json"
- "net/http"
- "strings"
- )
- type OpenIDConfiguration struct {
- Issuer string `json:"issuer"`
- AuthorizationEndpoint string `json:"authorization_endpoint"`
- TokenEndpoint string `json:"token_endpoint"`
- JwksUri string `json:"jwks_uri"`
- ResponseTypesSupported []string `json:"response_types_supported"`
- SubjectTypesSupported []string `json:"subject_types_supported"`
- IDTokenSigningAlgValuesSupported []string `json:"id_token_signing_alg_values_supported"`
- ClaimsSupported []string `json:"claims_supported"`
- }
- func (h *SSOHandler) HandleDiscoveryRequest(w http.ResponseWriter, r *http.Request) {
- //Prepend https:// if not present
- authBaseURL := h.Config.AuthURL
- if !strings.HasPrefix(authBaseURL, "http://") && !strings.HasPrefix(authBaseURL, "https://") {
- authBaseURL = "https://" + authBaseURL
- }
- //Handle the discovery request
- discovery := OpenIDConfiguration{
- Issuer: authBaseURL,
- AuthorizationEndpoint: authBaseURL + "/oauth2/authorize",
- TokenEndpoint: authBaseURL + "/oauth2/token",
- JwksUri: authBaseURL + "/jwks.json",
- ResponseTypesSupported: []string{"code", "token"},
- SubjectTypesSupported: []string{"public"},
- IDTokenSigningAlgValuesSupported: []string{
- "RS256",
- },
- ClaimsSupported: []string{
- "sub", //Subject, usually the user ID
- "iss", //Issuer, usually the server URL
- "aud", //Audience, usually the client ID
- "exp", //Expiration Time
- "iat", //Issued At
- "email", //Email
- "locale", //Locale
- "name", //Full Name
- "nickname", //Nickname
- "preferred_username", //Preferred Username
- "website", //Website
- },
- }
- //Write the response
- js, _ := json.Marshal(discovery)
- w.Header().Set("Content-Type", "application/json")
- w.Write(js)
- }
|
