mirror of
https://github.com/pomerium/pomerium.git
synced 2025-04-29 10:26:29 +02:00
5464cda90e
The field contains the route's base uri, including the https:// scheme and ending with a trailing slash.
32 lines
1.3 KiB
Go
32 lines
1.3 KiB
Go
package handlers
|
|
|
|
import (
|
|
"net/http"
|
|
"net/url"
|
|
|
|
"github.com/rs/cors"
|
|
|
|
"github.com/pomerium/csrf"
|
|
"github.com/pomerium/pomerium/internal/httputil"
|
|
"github.com/pomerium/pomerium/internal/urlutil"
|
|
)
|
|
|
|
// WellKnownPomerium returns the /.well-known/pomerium handler.
|
|
func WellKnownPomerium(authenticateURL *url.URL) http.Handler {
|
|
return cors.AllowAll().Handler(httputil.HandlerFunc(func(w http.ResponseWriter, r *http.Request) error {
|
|
wellKnownURLs := struct {
|
|
Issuer string `json:"issuer"`
|
|
OAuth2Callback string `json:"authentication_callback_endpoint"` // RFC6749
|
|
JSONWebKeySetURL string `json:"jwks_uri"` // RFC7517
|
|
FrontchannelLogoutURI string `json:"frontchannel_logout_uri"` // https://openid.net/specs/openid-connect-frontchannel-1_0.html
|
|
}{
|
|
urlutil.GetAbsoluteURL(r).ResolveReference(&url.URL{Path: "/"}).String(),
|
|
authenticateURL.ResolveReference(&url.URL{Path: "/oauth2/callback"}).String(),
|
|
urlutil.GetAbsoluteURL(r).ResolveReference(&url.URL{Path: "/.well-known/pomerium/jwks.json"}).String(),
|
|
urlutil.GetAbsoluteURL(r).ResolveReference(&url.URL{Path: "/.pomerium/sign_out"}).String(),
|
|
}
|
|
w.Header().Set("X-CSRF-Token", csrf.Token(r))
|
|
httputil.RenderJSON(w, http.StatusOK, wellKnownURLs)
|
|
return nil
|
|
}))
|
|
}
|