fix: op handler as http.Handler

example/server/default/default.go

@@ -15,20 +15,27 @@ import (
 
 func main() {
 	ctx := context.Background()
+	port := "9998"
 	config := &op.Config{
 		Issuer:    "http://localhost:9998/",
 		CryptoKey: sha256.Sum256([]byte("test")),
-		Port:      "9998",
 	}
 	storage := mock.NewAuthStorage()
 	handler, err := op.NewDefaultOP(ctx, config, storage, op.WithCustomTokenEndpoint(op.NewEndpoint("test")))
 	if err != nil {
 		log.Fatal(err)
 	}
-	router := handler.HttpHandler().Handler.(*mux.Router)
+	router := handler.HttpHandler().(*mux.Router)
 	router.Methods("GET").Path("/login").HandlerFunc(HandleLogin)
 	router.Methods("POST").Path("/login").HandlerFunc(HandleCallback)
-	op.Start(ctx, handler)
+	server := &http.Server{
+		Addr:    ":" + port,
+		Handler: router,
+	}
+	err = server.ListenAndServe()
+	if err != nil {
+		log.Fatal(err)
+	}
 	<-ctx.Done()
 }
 

pkg/op/config.go

@@ -16,8 +16,6 @@ type Configuration interface {
 	KeysEndpoint() Endpoint
 
 	AuthMethodPostSupported() bool
-
-	Port() string
 }
 
 func ValidateIssuer(issuer string) error {

pkg/op/default_op.go

@@ -10,6 +10,7 @@ import (
 	"gopkg.in/square/go-jose.v2"
 
 	"github.com/caos/logging"
+
 	"github.com/caos/oidc/pkg/oidc"
 	"github.com/caos/oidc/pkg/rp"
 )
@@ -45,7 +46,7 @@ type DefaultOP struct {
 	signer      Signer
 	verifier    rp.Verifier
 	crypto      Crypto
-	http        *http.Server
+	http        http.Handler
 	decoder     *schema.Decoder
 	encoder     *schema.Encoder
 	interceptor HttpInterceptor
@@ -64,7 +65,6 @@ type Config struct {
 	// IdTokenSigningAlgValuesSupported:  []string{keys.SigningAlgorithm},
 	// SubjectTypesSupported:             []string{"public"},
 	// TokenEndpointAuthMethodsSupported:
-	Port string
 }
 
 type endpoints struct {
@@ -180,13 +180,10 @@ func NewDefaultOP(ctx context.Context, config *Config, storage Storage, opOpts .
 	p.signer = NewDefaultSigner(ctx, storage, keyCh)
 	go p.ensureKey(ctx, storage, keyCh, p.timer)
 
-	p.verifier = rp.NewDefaultVerifier(config.Issuer, "", p, rp.WithIgnoreAudience())
+	p.verifier = rp.NewDefaultVerifier(config.Issuer, "", p, rp.WithIgnoreAudience(), rp.WithIgnoreExpiration())
+
+	p.http = CreateRouter(p, p.interceptor)
 
-	router := CreateRouter(p, p.interceptor)
-	p.http = &http.Server{
-		Addr:    ":" + config.Port,
-		Handler: router,
-	}
 	p.decoder = schema.NewDecoder()
 	p.decoder.IgnoreUnknownKeys(true)
 
@@ -225,11 +222,7 @@ func (p *DefaultOP) AuthMethodPostSupported() bool {
 	return true //TODO: config
 }
 
-func (p *DefaultOP) Port() string {
-	return p.config.Port
-}
-
-func (p *DefaultOP) HttpHandler() *http.Server {
+func (p *DefaultOP) HttpHandler() http.Handler {
 	return p.http
 }
 

pkg/op/op.go

@@ -1,12 +1,10 @@
 package op
 
 import (
-	"context"
 	"net/http"
 
 	"github.com/gorilla/handlers"
 	"github.com/gorilla/mux"
-	"github.com/sirupsen/logrus"
 
 	"github.com/caos/oidc/pkg/oidc"
 )
@@ -26,7 +24,7 @@ type OpenIDProvider interface {
 	HandleUserinfo(w http.ResponseWriter, r *http.Request)
 	HandleEndSession(w http.ResponseWriter, r *http.Request)
 	HandleKeys(w http.ResponseWriter, r *http.Request)
-	HttpHandler() *http.Server
+	HttpHandler() http.Handler
 }
 
 type HttpInterceptor func(http.HandlerFunc) http.HandlerFunc
@@ -54,21 +52,3 @@ func CreateRouter(o OpenIDProvider, h HttpInterceptor) *mux.Router {
 	router.HandleFunc(o.KeysEndpoint().Relative(), o.HandleKeys)
 	return router
 }
-
-func Start(ctx context.Context, o OpenIDProvider) {
-	go func() {
-		<-ctx.Done()
-		err := o.HttpHandler().Shutdown(ctx)
-		if err != nil {
-			logrus.Error("graceful shutdown of oidc server failed")
-		}
-	}()
-
-	go func() {
-		err := o.HttpHandler().ListenAndServe()
-		if err != nil {
-			logrus.Panicf("oidc server serve failed: %v", err)
-		}
-	}()
-	logrus.Infof("oidc server is listening on %s", o.Port())
-}