endpoints: add authentik provider

endpoints/endpoints.go

@@ -257,3 +257,19 @@ func AWSCognito(domain string) oauth2.Endpoint {
 		TokenURL: domain + "/oauth2/token",
 	}
 }
+
+// AuthentikProvider returns a new oauth2.Endpoint for the supplied Authentik domain
+//
+// Example domain: https://testing.auth.us-east-1.amazoncognito.com
+//
+// For more information see:
+// https://docs.goauthentik.io/docs/providers/oauth2/
+func AuthentikProvider(userHost, serverHost string) oauth2.Endpoint {
+	userHost = strings.TrimRight(userHost, "/")
+	serverHost = strings.TrimRight(serverHost, "/")
+
+	return oauth2.Endpoint{
+		AuthURL:  userHost + "/application/o/authorize/",
+		TokenURL: serverHost + "/application/o/token/",
+	}
+}

endpoints/endpoints_test.go

@@ -41,3 +41,41 @@ func TestAWSCognitoEndpoint(t *testing.T) {
 		})
 	}
 }
+
+func TestAuthentikProviderEndpoint(t *testing.T) {
+
+	var endpointTests = []struct {
+		Name       string
+		userHost   string
+		serverHost string
+		out        oauth2.Endpoint
+	}{
+		{
+			Name:       "Without Ending URL-Slash",
+			userHost:   "https://example.com",
+			serverHost: "https://authentik:9000",
+			out: oauth2.Endpoint{
+				AuthURL:  "https://example.com/application/o/authorize/",
+				TokenURL: "https://authentik:9000/application/o/token/",
+			},
+		},
+		{
+			Name:       "With Ending URL-Slash",
+			userHost:   "https://example.com/",
+			serverHost: "https://authentik:9000/",
+			out: oauth2.Endpoint{
+				AuthURL:  "https://example.com/application/o/authorize/",
+				TokenURL: "https://authentik:9000/application/o/token/",
+			},
+		},
+	}
+
+	for _, tt := range endpointTests {
+		t.Run(tt.Name, func(t *testing.T) {
+			endpoint := AuthentikProvider(tt.userHost, tt.serverHost)
+			if endpoint != tt.out {
+				t.Errorf("got %q, want %q", endpoint, tt.out)
+			}
+		})
+	}
+}