-rw-r--r--app/init.go4
-rw-r--r--app/middleware/id_token_test.go11
-rw-r--r--pkg/oidc/oidc.go13
-rw-r--r--pkg/oidc/oidc_test.go12
4 files changed, 22 insertions, 18 deletions
diff --git a/app/init.go b/app/init.go
index 809bfd4..ad87424 100644
--- a/app/init.go
+++ b/app/init.go
@@ -67,9 +67,7 @@ func init() {
ioc.RegisterSingleton[*oidc.OpenID](ioc.Default, func() *oidc.OpenID {
return oidc.New(
ioc.MustResolve[*xoidc.Provider](ioc.Default),
- cfg.OAuthClientID,
- cfg.OAuthClientSecret,
- cfg.OAuthRedirectURL,
+ ioc.MustResolve[*oauth2.Config](ioc.Default),
)
})
diff --git a/app/middleware/id_token_test.go b/app/middleware/id_token_test.go
index b363d2c..bdeaa49 100644
--- a/app/middleware/id_token_test.go
+++ b/app/middleware/id_token_test.go
@@ -4,6 +4,7 @@ import (
"net/http"
"testing"
+ xoidc "github.com/coreos/go-oidc/v3/oidc"
"github.com/oauth2-proxy/mockoidc"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
@@ -11,13 +12,21 @@ import (
xcfg "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/web"
+ "golang.org/x/oauth2"
)
func TestIDToken(t *testing.T) {
srv := oidc.NewTestServer(t)
defer srv.Close()
- openID := oidc.New(srv.Provider, srv.MockOIDC.ClientID, srv.MockOIDC.ClientSecret, "https://example.com/oauth/callback")
+ config := &oauth2.Config{
+ ClientID: srv.MockOIDC.ClientID,
+ ClientSecret: srv.MockOIDC.ClientSecret,
+ RedirectURL: "https://example.com/oauth/callback",
+ Endpoint: srv.Provider.Endpoint(),
+ Scopes: []string{xoidc.ScopeOpenID, "profile", "email"},
+ }
+ openID := oidc.New(srv.Provider, config)
middleware := IDToken(openID, IDTokenFromSessionCookie)
t.Run("when an active session cookie is provided", func(t *testing.T) {
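Review bot: The `oauth2.Config` literal built here is repeated field for field in the `TestOpenID` hunk of `pkg/oidc/oidc_test.go`, so the endpoint and scope list the production code relies on are now maintained by hand in each test. Since `oidc.NewTestServer` already owns the mock provider, a small helper on the returned server that builds this config would keep the two tests consistent. Neither test exercises `New` with a config that lacks `Endpoint` or `Scopes`, which is the case this refactor newly allows. TestIDToken's body continues outside the hunk.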
diff --git a/pkg/oidc/oidc.go b/pkg/oidc/oidc.go
index fc0eaee..5dc2447 100644
--- a/pkg/oidc/oidc.go
+++ b/pkg/oidc/oidc.go
@@ -10,15 +10,6 @@ type OpenID struct {
Config *oauth2.Config
}
-func New(provider *oidc.Provider, clientID, clientSecret, callbackURL string) *OpenID {
- return &OpenID{
- Provider: provider,
- Config: &oauth2.Config{
- ClientID: clientID,
- ClientSecret: clientSecret,
- RedirectURL: callbackURL,
- Endpoint: provider.Endpoint(),
- Scopes: []string{oidc.ScopeOpenID, "profile", "email"},
- },
- }
+func New(provider *oidc.Provider, config *oauth2.Config) *OpenID {
+ return &OpenID{Provider: provider, Config: config}
}
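Review bot: `New` now stores the caller's `*oauth2.Config` unchanged, so nothing ties `config.Endpoint` to `provider.Endpoint()` or guarantees `oidc.ScopeOpenID` is in `config.Scopes`, as the removed constructor did; a nil `config` is also accepted silently. A config whose endpoint differs from the provider would send the authorization code and client secret to a token URL other than the issuer whose keys verify the ID token, and a config without the openid scope will typically yield no ID token. The container-registered config that `app/init.go` now passes via `ioc.MustResolve[*oauth2.Config]` is not visible in this diff, so it should be checked for both fields. Consider defaulting in `New`, e.g. `if config.Endpoint.TokenURL == "" { config.Endpoint = provider.Endpoint() }`, or at least a doc comment: `// New wraps provider and config; config.Endpoint must equal provider.Endpoint() and config.Scopes must include oidc.ScopeOpenID.`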
diff --git a/pkg/oidc/oidc_test.go b/pkg/oidc/oidc_test.go
index a3dc7e4..6ec35ab 100644
--- a/pkg/oidc/oidc_test.go
+++ b/pkg/oidc/oidc_test.go
@@ -3,7 +3,9 @@ package oidc
import (
"testing"
+ "github.com/coreos/go-oidc/v3/oidc"
"github.com/stretchr/testify/assert"
+ "golang.org/x/oauth2"
)
func TestOpenID(t *testing.T) {
@@ -13,9 +15,13 @@ func TestOpenID(t *testing.T) {
t.Run("GET /.well-known/openid-configuration", func(t *testing.T) {
openID := New(
srv.Provider,
- srv.MockOIDC.ClientID,
- srv.MockOIDC.ClientSecret,
- "https://example.com/oauth/callback",
+ &oauth2.Config{
+ ClientID: srv.MockOIDC.ClientID,
+ ClientSecret: srv.MockOIDC.ClientSecret,
+ RedirectURL: "https://example.com/oauth/callback",
+ Endpoint: srv.Provider.Endpoint(),
+ Scopes: []string{oidc.ScopeOpenID, "profile", "email"},
+ },
)
assert.Equal(t, srv.AuthorizationEndpoint(), openID.Provider.Endpoint().AuthURL)