wip: authorize page

2026-01-22 23:32:29 +00:00 · 2026-01-21 20:12:32 +02:00
parent 7dc3525a8d
commit 6ae7c1cbda
7 changed files with 191 additions and 0 deletions
--- a/internal/bootstrap/app_bootstrap.go
+++ b/internal/bootstrap/app_bootstrap.go
@@ -30,6 +30,7 @@ type BootstrapApp struct {
 		users               []config.User
 		oauthProviders      map[string]config.OAuthServiceConfig
 		configuredProviders []controller.Provider
+		oidcClients         []config.OIDCClientConfig
 	}
 	services Services
 }
@@ -84,6 +85,12 @@ func (app *BootstrapApp) Setup() error {
 		app.context.oauthProviders[id] = provider
 	}

+	// Setup OIDC clients
+	for id, client := range app.config.OIDC.Clients {
+		client.ID = id
+		app.context.oidcClients = append(app.context.oidcClients, client)
+	}
+
 	// Get cookie domain
 	cookieDomain, err := utils.GetCookieDomain(app.config.AppURL)

--- a/internal/bootstrap/router_bootstrap.go
+++ b/internal/bootstrap/router_bootstrap.go
@@ -86,6 +86,12 @@ func (app *BootstrapApp) setupRouter() (*gin.Engine, error) {

 	oauthController.SetupRoutes()

+	oidcController := controller.NewOIDCController(controller.OIDCControllerConfig{
+		Clients: app.context.oidcClients,
+	}, apiRouter)
+
+	oidcController.SetupRoutes()
+
 	proxyController := controller.NewProxyController(controller.ProxyControllerConfig{
 		AppURL: app.config.AppURL,
 	}, apiRouter, app.services.accessControlService, app.services.authService)
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -132,6 +132,7 @@ type OAuthServiceConfig struct {
 }

 type OIDCClientConfig struct {
+	ID                  string   `description:"OIDC client ID." yaml:"-"`
 	ClientID            string   `description:"OIDC client ID." yaml:"clientId"`
 	ClientSecret        string   `description:"OIDC client secret." yaml:"clientSecret"`
 	ClientSecretFile    string   `description:"Path to the file containing the OIDC client secret." yaml:"clientSecretFile"`
--- a/internal/controller/oidc_controller.go
+++ b/internal/controller/oidc_controller.go
@@ -0,0 +1,71 @@
+package controller
+
+import (
+	"github.com/gin-gonic/gin"
+	"github.com/steveiliop56/tinyauth/internal/config"
+	"github.com/steveiliop56/tinyauth/internal/utils/tlog"
+)
+
+type OIDCControllerConfig struct {
+	Clients []config.OIDCClientConfig
+}
+
+type OIDCController struct {
+	clients []config.OIDCClientConfig
+	router  *gin.RouterGroup
+}
+
+func NewOIDCController(config OIDCControllerConfig, router *gin.RouterGroup) *OIDCController {
+	return &OIDCController{
+		clients: config.Clients,
+		router:  router,
+	}
+}
+
+func (controller *OIDCController) SetupRoutes() {
+	oidcGroup := controller.router.Group("/oidc")
+	oidcGroup.GET("/clients/:id", controller.GetClientInfo)
+}
+
+type ClientRequest struct {
+	ClientID string `uri:"id" binding:"required"`
+}
+
+func (controller *OIDCController) GetClientInfo(c *gin.Context) {
+	var req ClientRequest
+
+	err := c.BindUri(&req)
+	if err != nil {
+		tlog.App.Error().Err(err).Msg("Failed to bind URI")
+		c.JSON(400, gin.H{
+			"status":  400,
+			"message": "Bad Request",
+		})
+		return
+	}
+
+	var client *config.OIDCClientConfig
+
+	// Inefficient yeah, but it will be good until we have thousands of clients
+	for _, clientCfg := range controller.clients {
+		if clientCfg.ClientID == req.ClientID {
+			client = &clientCfg
+			break
+		}
+	}
+
+	if client == nil {
+		tlog.App.Warn().Str("client_id", req.ClientID).Msg("Client not found")
+		c.JSON(404, gin.H{
+			"status":  404,
+			"message": "Client not found",
+		})
+		return
+	}
+
+	c.JSON(200, gin.H{
+		"status": 200,
+		"client": &client.ClientID,
+		"name":   &client.Name,
+	})
+}