@@ -23,6 +23,34 @@ use crate::models::user::*;
2323use crate :: token_store:: TokenStore ;
2424use crate :: util:: split_scopes;
2525
26+ /// See https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
27+ #[ get( "/.well-known/openid-configuration" ) ]
28+ pub async fn get_well_known_openid_configuration < ' r > (
29+ // injected
30+ config : & State < Config > ,
31+ ) -> impl Responder < ' r , ' static > {
32+ // FIXME: Should only be serialized once on boot since config is immutable.
33+ #[ derive( Serialize ) ]
34+ pub struct OpenidConfiguration {
35+ pub issuer : String ,
36+ pub authorization_endpoint : String ,
37+ pub token_endpoint : String ,
38+ pub jwks_uri : String ,
39+ pub response_types_supported : Vec < String > ,
40+ pub grant_types_supported : Vec < String > ,
41+ pub userinfo_endpoint : String ,
42+ }
43+ Json ( OpenidConfiguration {
44+ issuer : config. base_url . clone ( ) ,
45+ authorization_endpoint : config. base_url . clone ( ) + "/oauth/authorize" ,
46+ token_endpoint : config. base_url . clone ( ) + "/oauth/token" ,
47+ jwks_uri : config. base_url . clone ( ) + "/oauth/jwks" ,
48+ response_types_supported : Vec :: from ( [ "code" . to_string ( ) ] ) ,
49+ grant_types_supported : Vec :: from ( [ "authorization_code" . to_string ( ) ] ) ,
50+ userinfo_endpoint : config. base_url . clone ( ) + "/current_user" ,
51+ } )
52+ }
53+
2654const OAUTH_COOKIE : & str = "ZAUTH_OAUTH" ;
2755
2856#[ derive( Debug , Deserialize , FromForm , Serialize , UriDisplayQuery ) ]
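Review bot: The `OpenidConfiguration` struct omits `subject_types_supported` and `id_token_signing_alg_values_supported`, both of which the linked Discovery spec lists as REQUIRED provider metadata, so a strictly validating relying party may reject the document or have to guess which signing algorithm to accept. I would add `pub subject_types_supported: Vec<String>,` and `pub id_token_signing_alg_values_supported: Vec<String>,` and populate them from what the server actually issues; the algorithm of the keys served at `/oauth/jwks` is not visible in this hunk, so the values need to be confirmed against the token-signing code. Separately, `issuer` and every endpoint are built by plain concatenation on `config.base_url`. If that setting can carry a trailing slash, the endpoints become `…//oauth/token` and the advertised issuer may no longer match the `iss` claim byte-for-byte, which clients are expected to compare exactly. Normalising `base_url` once at config load, and reusing that same value when minting tokens, would avoid the mismatch.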