diff --git a/example/server/default/default.go b/example/server/default/default.go index e5b9d0f..421c7f7 100644 --- a/example/server/default/default.go +++ b/example/server/default/default.go @@ -15,20 +15,27 @@ import ( func main() { ctx := context.Background() + port := "9998" config := &op.Config{ Issuer: "http://localhost:9998/", CryptoKey: sha256.Sum256([]byte("test")), - Port: "9998", } storage := mock.NewAuthStorage() handler, err := op.NewDefaultOP(ctx, config, storage, op.WithCustomTokenEndpoint(op.NewEndpoint("test"))) if err != nil { log.Fatal(err) } - router := handler.HttpHandler().Handler.(*mux.Router) + router := handler.HttpHandler().(*mux.Router) router.Methods("GET").Path("/login").HandlerFunc(HandleLogin) router.Methods("POST").Path("/login").HandlerFunc(HandleCallback) - op.Start(ctx, handler) + server := &http.Server{ + Addr: ":" + port, + Handler: router, + } + err = server.ListenAndServe() + if err != nil { + log.Fatal(err) + } <-ctx.Done() } diff --git a/pkg/op/config.go b/pkg/op/config.go index 1b047db..c52609a 100644 --- a/pkg/op/config.go +++ b/pkg/op/config.go @@ -16,8 +16,6 @@ type Configuration interface { KeysEndpoint() Endpoint AuthMethodPostSupported() bool - - Port() string } func ValidateIssuer(issuer string) error { diff --git a/pkg/op/default_op.go b/pkg/op/default_op.go index ed11768..a16d4d3 100644 --- a/pkg/op/default_op.go +++ b/pkg/op/default_op.go @@ -10,6 +10,7 @@ import ( "gopkg.in/square/go-jose.v2" "github.com/caos/logging" + "github.com/caos/oidc/pkg/oidc" "github.com/caos/oidc/pkg/rp" ) @@ -45,7 +46,7 @@ type DefaultOP struct { signer Signer verifier rp.Verifier crypto Crypto - http *http.Server + http http.Handler decoder *schema.Decoder encoder *schema.Encoder interceptor HttpInterceptor 
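Review bot: The `http.Server` built at the end of `main` sets only `Addr` and `Handler`, so it has no read, write or idle timeouts and a slow or stalled client can hold connections open indefinitely. Since examples get copied, add at least `ReadHeaderTimeout: 10 * time.Second,` (this needs the `time` import, and the value is only a suggestion). `ListenAndServe` blocks and always returns a non-nil error, so with `log.Fatal` after it the trailing `<-ctx.Done()` can no longer be reached, and the graceful `Shutdown` that the removed `op.Start` performed has no replacement here. Separately, `Issuer` still hard-codes `9998` next to the new `port` variable, so the two can drift apart.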
@@ -64,7 +65,6 @@ type Config struct { // IdTokenSigningAlgValuesSupported: []string{keys.SigningAlgorithm}, // SubjectTypesSupported: []string{"public"}, // TokenEndpointAuthMethodsSupported: - Port string } type endpoints struct { @@ -180,13 +180,10 @@ func NewDefaultOP(ctx context.Context, config *Config, storage Storage, opOpts . p.signer = NewDefaultSigner(ctx, storage, keyCh) go p.ensureKey(ctx, storage, keyCh, p.timer) - p.verifier = rp.NewDefaultVerifier(config.Issuer, "", p, rp.WithIgnoreAudience()) + p.verifier = rp.NewDefaultVerifier(config.Issuer, "", p, rp.WithIgnoreAudience(), rp.WithIgnoreExpiration()) + + p.http = CreateRouter(p, p.interceptor) - router := CreateRouter(p, p.interceptor) - p.http = &http.Server{ - Addr: ":" + config.Port, - Handler: router, - } p.decoder = schema.NewDecoder() p.decoder.IgnoreUnknownKeys(true) @@ -225,11 +222,7 @@ func (p *DefaultOP) AuthMethodPostSupported() bool { return true //TODO: config } -func (p *DefaultOP) Port() string { - return p.config.Port -} - -func (p *DefaultOP) HttpHandler() *http.Server { +func (p *DefaultOP) HttpHandler() http.Handler { return p.http } diff --git a/pkg/op/op.go b/pkg/op/op.go index a926d34..732a933 100644 --- a/pkg/op/op.go +++ b/pkg/op/op.go @@ -1,12 +1,10 @@ package op import ( - "context" "net/http" "github.com/gorilla/handlers" "github.com/gorilla/mux" - "github.com/sirupsen/logrus" "github.com/caos/oidc/pkg/oidc" ) @@ -26,7 +24,7 @@ type OpenIDProvider interface { HandleUserinfo(w http.ResponseWriter, r *http.Request) HandleEndSession(w http.ResponseWriter, r *http.Request) HandleKeys(w http.ResponseWriter, r *http.Request) - HttpHandler() *http.Server + HttpHandler() http.Handler } type HttpInterceptor func(http.HandlerFunc) http.HandlerFunc 
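Review bot: Adding `rp.WithIgnoreExpiration()` to the single `p.verifier` in `NewDefaultOP` turns off the expiry check for every token verified through it, not for one call site, and nothing in the hunk says why. If the intent is to accept an expired ID token as a hint (for example at end-session, which is an assumption because the callers are not visible here), a separate verifier used only on that path would keep the default one strict. At minimum the line deserves a comment, such as `// expiry is ignored so that expired id_token_hint values are accepted; never use this verifier to authorize a request`, once that use is confirmed. The change also looks unrelated to the port and handler refactoring in the rest of the commit and would be easier to review on its own. NewDefaultOP's body starts and ends outside the hunk.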
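Review bot: `HttpHandler` on `DefaultOP` is exported and now returns a bare `http.Handler`, but it has no doc comment telling callers that they own the server from here on. Proposed comment: `// HttpHandler returns the handler serving the OP endpoints. The caller mounts it on its own http.Server and is responsible for the listen address, TLS, timeouts and shutdown.` The same applies to the method in the `OpenIDProvider` interface in pkg/op/op.go. Go naming would spell it `HTTPHandler`, though renaming changes the interface and may not belong in this commit.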
@@ -54,21 +52,3 @@ func CreateRouter(o OpenIDProvider, h HttpInterceptor) *mux.Router { router.HandleFunc(o.KeysEndpoint().Relative(), o.HandleKeys) return router } - -func Start(ctx context.Context, o OpenIDProvider) { - go func() { - <-ctx.Done() - err := o.HttpHandler().Shutdown(ctx) - if err != nil { - logrus.Error("graceful shutdown of oidc server failed") - } - }() - - go func() { - err := o.HttpHandler().ListenAndServe() - if err != nil { - logrus.Panicf("oidc server serve failed: %v", err) - } - }() - logrus.Infof("oidc server is listening on %s", o.Port()) -}