86 lines
1.7 KiB
Go
86 lines
1.7 KiB
Go
package oidc
|
|
|
|
import (
|
|
"context"
|
|
"net/http"
|
|
|
|
"github.com/coreos/go-oidc/v3/oidc"
|
|
)
|
|
|
|
type ClientOptions struct {
|
|
Provider *oidc.Provider
|
|
ClientID string
|
|
ClientSecret string
|
|
RedirectURL string
|
|
Scopes []string
|
|
AuthParams map[string]string
|
|
SkipIssuerCheck bool
|
|
HTTPClient *http.Client
|
|
}
|
|
|
|
type ClientOptionFunc func(*ClientOptions)
|
|
|
|
func WithRedirectURL(url string) ClientOptionFunc {
|
|
return func(opt *ClientOptions) {
|
|
opt.RedirectURL = url
|
|
}
|
|
}
|
|
|
|
func WithCredentials(clientID, clientSecret string) ClientOptionFunc {
|
|
return func(opt *ClientOptions) {
|
|
opt.ClientID = clientID
|
|
opt.ClientSecret = clientSecret
|
|
}
|
|
}
|
|
|
|
func WithScopes(scopes ...string) ClientOptionFunc {
|
|
return func(opt *ClientOptions) {
|
|
opt.Scopes = scopes
|
|
}
|
|
}
|
|
|
|
func WithAuthParams(params map[string]string) ClientOptionFunc {
|
|
return func(opt *ClientOptions) {
|
|
opt.AuthParams = params
|
|
}
|
|
}
|
|
|
|
func WithSkipIssuerCheck(skip bool) ClientOptionFunc {
|
|
return func(opt *ClientOptions) {
|
|
opt.SkipIssuerCheck = skip
|
|
}
|
|
}
|
|
|
|
func NewProvider(ctx context.Context, issuer string, skipIssuerVerification bool) (*oidc.Provider, error) {
|
|
if skipIssuerVerification {
|
|
ctx = oidc.InsecureIssuerURLContext(ctx, issuer)
|
|
}
|
|
|
|
return oidc.NewProvider(ctx, issuer)
|
|
}
|
|
|
|
func WithProvider(provider *oidc.Provider) ClientOptionFunc {
|
|
return func(opt *ClientOptions) {
|
|
opt.Provider = provider
|
|
}
|
|
}
|
|
|
|
func WithHTTPClient(client *http.Client) ClientOptionFunc {
|
|
return func(opt *ClientOptions) {
|
|
opt.HTTPClient = client
|
|
}
|
|
}
|
|
|
|
func NewClientOptions(funcs ...ClientOptionFunc) *ClientOptions {
|
|
opt := &ClientOptions{
|
|
Scopes: []string{oidc.ScopeOpenID, "profile"},
|
|
HTTPClient: http.DefaultClient,
|
|
}
|
|
|
|
for _, f := range funcs {
|
|
f(opt)
|
|
}
|
|
|
|
return opt
|
|
}
|