pomerium/internal/handlers/well_known_pomerium.go
Caleb Doxsey 1dee325b72
authorize: move sign out and jwks urls to route, update issuer for JWT (#4046)
* authorize: move sign out and jwks urls to route, update issuer for JWT

* fix test
2023-03-08 12:40:15 -07:00


package handlers
import (
"net/http"
"net/url"
"github.com/rs/cors"
"github.com/pomerium/csrf"
"github.com/pomerium/pomerium/internal/httputil"
"github.com/pomerium/pomerium/internal/urlutil"
)
// WellKnownPomerium returns the /.well-known/pomerium handler.
//
// The handler answers with a JSON discovery document holding three absolute
// URLs: the OAuth2 callback (resolved against authenticateURL), and the JWKS
// and front-channel sign-out endpoints (both resolved against the URL of the
// incoming request). It also sets an X-CSRF-Token response header.
//
// The handler is wrapped in cors.AllowAll(), so the document can be read by
// scripts from any origin.
func WellKnownPomerium(authenticateURL *url.URL) http.Handler {
	// discoveryDocument is the response payload; the JSON keys are the wire
	// contract and field order determines the order of keys in the output.
	type discoveryDocument struct {
		OAuth2Callback        string `json:"authentication_callback_endpoint"` // RFC6749
		JSONWebKeySetURL      string `json:"jwks_uri"`                         // RFC7517
		FrontchannelLogoutURI string `json:"frontchannel_logout_uri"`          // https://openid.net/specs/openid-connect-frontchannel-1_0.html
	}

	serve := func(w http.ResponseWriter, r *http.Request) error {
		// The callback always lives on the configured authenticate service.
		callbackURL := authenticateURL.ResolveReference(&url.URL{Path: "/oauth2/callback"})

		// The JWKS and sign-out URLs are built from the request itself, so
		// they point at whichever route host served this document.
		// NOTE(review): clients fetch token-verification keys from jwks_uri;
		// confirm how urlutil.GetAbsoluteURL derives scheme and host (Host
		// header, forwarded headers) so a request cannot steer this value.
		jwksURL := urlutil.GetAbsoluteURL(r).ResolveReference(&url.URL{Path: "/.well-known/pomerium/jwks.json"})
		signOutURL := urlutil.GetAbsoluteURL(r).ResolveReference(&url.URL{Path: "/.pomerium/sign_out"})

		doc := discoveryDocument{
			OAuth2Callback:        callbackURL.String(),
			JSONWebKeySetURL:      jwksURL.String(),
			FrontchannelLogoutURI: signOutURL.String(),
		}

		// NOTE(review): a CSRF token is handed out on an endpoint that allows
		// every origin. This relies on the CORS policy not exposing the
		// X-CSRF-Token response header and not allowing credentialed
		// requests; re-check both if the CORS options are ever changed.
		w.Header().Set("X-CSRF-Token", csrf.Token(r))
		httputil.RenderJSON(w, http.StatusOK, doc)
		return nil
	}

	return cors.AllowAll().Handler(httputil.HandlerFunc(serve))
}