-rw-r--r--src/oidc/main.go11
-rw-r--r--src/oidc/openid-configuration.json37
2 files changed, 47 insertions, 1 deletions
diff --git a/src/oidc/main.go b/src/oidc/main.go
index 6a93b36..c3d0574 100644
--- a/src/oidc/main.go
+++ b/src/oidc/main.go
@@ -5,6 +5,7 @@ import (
"io/ioutil"
"log"
"net/http"
+ "text/template"
"time"
"github.com/golang-jwt/jwt"
@@ -83,7 +84,7 @@ func handler(w http.ResponseWriter, r *http.Request) {
RedirectUri: r.FormValue("redirect_uri"),
Nonce: r.FormValue("nonce"),
}
- idToken := createIdToken(r.FormValue("client_id")
+ idToken := createIdToken(r.FormValue("client_id"))
url := fmt.Sprintf("%s?access_token=example&token_type=bearer&id_token=%s&expires_in=3600&state=%s", ar.RedirectUri, idToken, ar.State)
http.Redirect(w, r, url, 302)
} else if responseType == "code id_token" || responseType == "code token" || responseType == "code id_token token" {
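Review bot: The redirect built right after the corrected `createIdToken` call takes its target from `r.FormValue("redirect_uri")` and interpolates `ar.State` unescaped, so the ID token goes to whatever URI the request names, and a `state` value containing `&` or `#` can change the other parameters. If nothing outside this hunk compares `redirect_uri` with the client's registered URIs, add that check before `http.Redirect`, and write the state as `url.QueryEscape(ar.State)` from `net/url`, which also means renaming the local `url` variable so it does not shadow the package. The tokens are appended to the query string here; the OpenID Connect implicit flow returns them in the fragment by default, which keeps them out of server logs and Referer headers. The body of `handler` starts and ends outside the hunk.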
@@ -117,6 +118,14 @@ func handler(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusNotFound)
fmt.Fprintf(w, "Not Found\n")
}
+ } else if r.URL.Path == "/.well-known/openid-configuration" {
+ w.Header().Set("Content-Type", "application/json")
+ data, _ := ioutil.ReadFile("openid-configuration.json")
+ tmpl, _ := template.New("test").Parse(string(data))
+ type Blah struct {
+ Host string
+ }
+ tmpl.Execute(w, Blah{Host: "http://localhost:8282"})
} else {
w.WriteHeader(http.StatusNotFound)
fmt.Fprintf(w, "Not Found\n")
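Review bot: Both `ioutil.ReadFile` and `template.Parse` errors are discarded in the new `/.well-known/openid-configuration` branch, so a missing file is served as an empty 200 response and a malformed one leaves `tmpl` nil, which would panic at `tmpl.Execute`. Check each error, answer with a 500, and set the `Content-Type` header only once the template is ready. The issuer is fixed to `http://localhost:8282`, so clients that compare `issuer` with the URL they fetched discovery from will reject the document on any other host or port; take it from configuration instead. `text/template` does no JSON escaping, so a configurable value should be validated before substitution. The body of `handler` starts and ends outside the hunk.

```go
} else if r.URL.Path == "/.well-known/openid-configuration" {
	data, err := ioutil.ReadFile("openid-configuration.json")
	if err != nil {
		log.Printf("reading openid-configuration.json: %v", err)
		http.Error(w, "Internal Server Error", http.StatusInternalServerError)
		return
	}
	tmpl, err := template.New("openid-configuration").Parse(string(data))
	if err != nil {
		log.Printf("parsing openid-configuration.json: %v", err)
		http.Error(w, "Internal Server Error", http.StatusInternalServerError)
		return
	}
	// … unchanged: Blah struct declaration …
	w.Header().Set("Content-Type", "application/json")
	if err := tmpl.Execute(w, Blah{Host: "http://localhost:8282"}); err != nil {
		log.Printf("rendering openid-configuration.json: %v", err)
	}
```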
diff --git a/src/oidc/openid-configuration.json b/src/oidc/openid-configuration.json
new file mode 100644
index 0000000..f30cf66
--- /dev/null
+++ b/src/oidc/openid-configuration.json
@@ -0,0 +1,37 @@
+{
+ "issuer": "{{.Host}}",
+ "authorization_endpoint": "{{.Host}}/authorize",
+ "token_endpoint": "{{.Host}}/token",
+ "userinfo_endpoint": "{{.Host}}/userinfo",
+ "jwks_uri": "{{.Host}}/.well-known/jwks.json",
+ "revocation_endpoint": "{{.Host}}/revoke",
+ "scopes_supported": [
+ "openid"
+ ],
+ "response_types_supported": [
+ "code id_token token",
+ "code id_token",
+ "code token",
+ "code",
+ "id_token token",
+ "id_token"
+ ],
+ "response_modes_supported": [
+ "query",
+ "fragment",
+ "form_post"
+ ],
+ "subject_types_supported": [
+ "public"
+ ],
+ "id_token_signing_alg_values_supported": [
+ "RS256"
+ ],
+ "claims_supported": [
+ "aud",
+ "exp",
+ "iat",
+ "iss",
+ "sub"
+ ]
+}