DEVELOPMENT ENVIRONMENT

~liljamo/emerwen-web

ref: 797037fe5da9b632166a17b9e7f57ec2ae0d35e3 emerwen-web/internal/auth/auth.go -rw-r--r-- 1.1 KiB
797037feJonni Liljamo feat: conform to new protocol changes a day ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
/*
 * Copyright (C) 2024 Jonni Liljamo <jonni@liljamo.com>
 *
 * This file is licensed under GPL-3.0-or-later, see NOTICE and LICENSE for
 * more information.
 */

// Package auth provides authentication related types and mechanisms.
package auth

import (
	"context"
	"fmt"

	"git.src.quest/~liljamo/emerwen-web/internal/config"
	"github.com/coreos/go-oidc/v3/oidc"
	"golang.org/x/oauth2"
)

// Auth holds the OIDC provider and OAuth2 config.
type Auth struct {
	Provider *oidc.Provider
	Config   oauth2.Config
}

// New constructs a new Auth struct.
// Panics if OIDC provider can't be constructed.
func New(c *config.Config) *Auth {
	provider, err := oidc.NewProvider(context.Background(), c.OIDCProvider)
	if err != nil {
		panic(fmt.Sprintf("failed to create OIDC provider: %s", err))
	}

	config := oauth2.Config{
		ClientID:     c.OIDCClientID,
		ClientSecret: c.OIDCClientSecret,
		RedirectURL:  c.OIDCRedirectURL,
		Endpoint:     provider.Endpoint(),
		Scopes:       []string{oidc.ScopeOpenID, "profile", "email"},
	}

	return &Auth{
		Provider: provider,
		Config:   config,
	}
}