DEVELOPMENT ENVIRONMENT

~liljamo/tixe

ref: 313b905edc5fb82b56f0aecde376b7468416e117 tixe/auth/oidc.go -rw-r--r-- 1.1 KiB
313b905eJonni Liljamo feat: oidc option for issuer trailing slash 11 months ago 
                                                                                
05027d8c Jonni Liljamo 






eebb5024 Jonni Liljamo 












313b905e Jonni Liljamo 








eebb5024 Jonni Liljamo 















11 months ago






1 year, 3 months ago












11 months ago








1 year, 3 months ago















1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

/*
 * Copyright (C) 2023 Jonni Liljamo <jonni@liljamo.com>
 *
 * This file is licensed under AGPL-3.0-or-later, see NOTICE and LICENSE for
 * more information.
 */
package auth

import (
	"context"
	"log"
	"tixe/config"

	"github.com/coreos/go-oidc/v3/oidc"
	"golang.org/x/oauth2"
)

func NewProviderAndConfig() (*oidc.Provider, oauth2.Config, error) {
	var providerUrl string
	if config.TixeConfig.OidcIssuerTrailingSlash {
		providerUrl = "https://" + config.TixeConfig.OidcDomain + "/"
	} else {
		providerUrl = "https://" + config.TixeConfig.OidcDomain
	}

	provider, err := oidc.NewProvider(context.Background(), providerUrl)
	if err != nil {
		log.Printf("[tixe/auth] Failed to create new custom provider")
		return nil, oauth2.Config{}, err
	}

	config := oauth2.Config{
		ClientID: config.TixeConfig.OidcClientID,
		ClientSecret: config.TixeConfig.OidcSecret,
		RedirectURL: config.TixeConfig.Scheme + "://" + config.TixeConfig.Host + "/auth",
		Endpoint: provider.Endpoint(),
		Scopes: []string{oidc.ScopeOpenID, "profile", "email"},
	}

	return provider, config, nil
}