feat: coverage prompt=none, response_mode=fragment (#385)

David Sharnoff 2023-05-03 03:56:47 -07:00 committed by GitHub
parent e62473ba71
commit 157bc6ceb0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 117 additions and 10 deletions


@ -34,7 +34,7 @@ type Storage interface {
// SetupServer creates an OIDC server with Issuer=http://localhost:<port>
//
// Use one of the pre-made clients in storage/clients.go or register a new one.
func SetupServer(issuer string, storage Storage) *mux.Router {
func SetupServer(issuer string, storage Storage, extraOptions ...op.Option) *mux.Router {
// the OpenID Provider requires a 32-byte key for (token) encryption
// be sure to create a proper crypto random key and manage it securely!
key := sha256.Sum256([]byte("test"))
@ -50,7 +50,7 @@ func SetupServer(issuer string, storage Storage) *mux.Router {
})
// creation of the OpenIDProvider with the just created in-memory Storage
provider, err := newOP(storage, issuer, key)
provider, err := newOP(storage, issuer, key, extraOptions...)
if err != nil {
log.Fatal(err)
}
@ -79,7 +79,7 @@ func SetupServer(issuer string, storage Storage) *mux.Router {
// newOP will create an OpenID Provider for localhost on a specified port with a given encryption key
// and a predefined default logout uri
// it will enable all options (see descriptions)
func newOP(storage op.Storage, issuer string, key [32]byte) (op.OpenIDProvider, error) {
func newOP(storage op.Storage, issuer string, key [32]byte, extraOptions ...op.Option) (op.OpenIDProvider, error) {
config := &op.Config{
CryptoKey: key,
@ -112,10 +112,12 @@ func newOP(storage op.Storage, issuer string, key [32]byte) (op.OpenIDProvider,
},
}
handler, err := op.NewOpenIDProvider(issuer, config, storage,
//we must explicitly allow the use of the http issuer
op.WithAllowInsecure(),
// as an example on how to customize an endpoint this will change the authorization_endpoint from /authorize to /auth
op.WithCustomAuthEndpoint(op.NewEndpoint("auth")),
append([]op.Option{
// we must explicitly allow the use of the http issuer
op.WithAllowInsecure(),
// as an example on how to customize an endpoint this will change the authorization_endpoint from /authorize to /auth
op.WithCustomAuthEndpoint(op.NewEndpoint("auth")),
}, extraOptions...)...,
)
if err != nil {
return nil, err
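Review bot: The new variadic `extraOptions` parameter on `SetupServer` and `newOP` is not described in either doc comment, and the `append` in `newOP` places caller options after `op.WithAllowInsecure()`, so every caller still gets the insecure-issuer allowance together with the fixed key from `sha256.Sum256([]byte("test"))`. Accepting arbitrary provider options makes the function easier to reuse outside the example, so the comment should state the limits, e.g. `// extraOptions are appended after the built-in options; WithAllowInsecure and the fixed test key always apply, so use this for examples and tests only.` Whether a later option can override an earlier one depends on how `op.NewOpenIDProvider` applies the slice, which is not visible here. `newOP` continues past the last visible hunk.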