✨ OIDC Configuration

2024-01-30 16:04:12 +08:00 · 2024-01-30 16:04:12 +08:00 · cd71bbad5f
commit cd71bbad5f
parent 0497e9717b
2 changed files with 20 additions and 0 deletions
--- a/pkg/server/startup.go
+++ b/pkg/server/startup.go
@ -20,6 +20,7 @@ func NewServer() {
 	})

 	A.Get("/.well-known", getMetadata)
+	A.Get("/.well-known/openid-configuration", getOidcConfiguration)

 	api := A.Group("/api").Name("API")
 	{
--- a/pkg/server/well_known_api.go
+++ b/pkg/server/well_known_api.go
@ -1,6 +1,7 @@
 package server

 import (
+	"fmt"
 	"github.com/gofiber/fiber/v2"
 	"github.com/spf13/viper"
 )
@ -12,3 +13,21 @@ func getMetadata(c *fiber.Ctx) error {
 		"open_registration": !viper.GetBool("use_registration_magic_token"),
 	})
 }
+
+func getOidcConfiguration(c *fiber.Ctx) error {
+	domain := viper.GetString("domain")
+	basepath := fmt.Sprintf("https://%s", domain)
+
+	return c.JSON(fiber.Map{
+		"issuer":                                           basepath,
+		"authorization_endpoint":                           fmt.Sprintf("%s/auth/oauth/connect", basepath),
+		"token_endpoint":                                   fmt.Sprintf("%s/api/auth/token", basepath),
+		"userinfo_endpoint":                                fmt.Sprintf("%s/api/users/me", basepath),
+		"response_types_supported":                         []string{"code", "token"},
+		"grant_types_supported":                            []string{"authorization_code", "implicit", "refresh_token"},
+		"subject_types_supported":                          []string{"public"},
+		"token_endpoint_auth_methods_supported":            []string{"client_secret_post"},
+		"id_token_signing_alg_values_supported":            []string{"HS512"},
+		"token_endpoint_auth_signing_alg_values_supported": []string{"HS512"},
+	})
+}