|
| 1 | +import { NextRequest } from "next/server"; |
| 2 | + |
| 3 | +const CORS_HEADERS = { |
| 4 | + "Access-Control-Allow-Origin": "*", |
| 5 | + "Access-Control-Allow-Methods": "GET, OPTIONS", |
| 6 | + "Access-Control-Allow-Headers": "Content-Type, Authorization", |
| 7 | +}; |
| 8 | + |
| 9 | +export async function OPTIONS(): Promise<Response> { |
| 10 | + return new Response(null, { status: 204, headers: CORS_HEADERS }); |
| 11 | +} |
| 12 | + |
| 13 | +export async function GET(request: NextRequest): Promise<Response> { |
| 14 | + const clerkDomain = process.env.NEXT_PUBLIC_CLERK_DOMAIN; |
| 15 | + |
| 16 | + if (!clerkDomain) { |
| 17 | + return Response.json( |
| 18 | + { error: "server_error", error_description: "Clerk domain not found" }, |
| 19 | + { status: 500 }, |
| 20 | + ); |
| 21 | + } |
| 22 | + |
| 23 | + const baseUrl = `${request.nextUrl.protocol}//${request.nextUrl.host}`; |
| 24 | + |
| 25 | + const metadata = { |
| 26 | + issuer: baseUrl, |
| 27 | + authorization_endpoint: `${baseUrl}/authorize`, |
| 28 | + token_endpoint: `${baseUrl}/token`, |
| 29 | + registration_endpoint: `${baseUrl}/register`, |
| 30 | + jwks_uri: `https://${clerkDomain}/.well-known/jwks.json`, |
| 31 | + scopes_supported: ["openid"], |
| 32 | + response_types_supported: ["code"], |
| 33 | + grant_types_supported: ["authorization_code", "refresh_token"], |
| 34 | + code_challenge_methods_supported: ["S256"], |
| 35 | + token_endpoint_auth_methods_supported: [ |
| 36 | + "none", |
| 37 | + "client_secret_post", |
| 38 | + "client_secret_basic", |
| 39 | + ], |
| 40 | + }; |
| 41 | + |
| 42 | + return Response.json(metadata, { headers: CORS_HEADERS }); |
| 43 | +} |
0 commit comments