package login
import (
"fmt"
"net/url"
"github.com/ghodss/yaml"
)
// Config is a login configuration. It does not contain oidc configuration.
// It is populated from YAML through the json struct tags below.
type Config struct {
	// NonceCheck is read from the "include_nonce" key.
	// NOTE(review): presumably this toggles sending and verifying the OIDC
	// nonce, which binds an ID token to the auth request that asked for it;
	// its use is not visible in this file - confirm. The zero value is false,
	// so a config that omits the key leaves the check switched off.
	NonceCheck bool `json:"include_nonce"`

	// ExtraAuthRequestParams are extra URL params added to the OIDC auth request.
	// For example with Google OIDC provider https://accounts.google.com, you can use "access_type=offline".
	// NOTE(review): how these are merged with the standard request parameters
	// (client_id, redirect_uri, state, nonce) is decided by the caller and is
	// not visible here - verify that config values cannot replace them.
	ExtraAuthRequestParams url.Values `json:"extra_auth_request_params"`
}
// GoogleRTParams are ExtraAuthRequestParams that can be used in the Google
// OIDC flow to obtain a refresh token.
//
// This is an exported package-level map, so every user shares the same
// instance; copy it before changing any entry.
var GoogleRTParams = url.Values{
	// Ask the provider for a refresh token.
	"access_type": {"offline"},
	// Always show the consent screen in the user's browser, which forces the
	// refresh token to be re-issued every time the OIDC browser flow runs.
	"prompt": {"consent"},
}
// ConfigFromYaml decodes a login Config from YAML document bytes.
//
// yamlContent is the YAML text itself, not a file path. When decoding fails
// the zero Config is returned together with an error that embeds the
// decoder's message.
//
// NOTE(review): the decoded value is returned without validation (see the
// TODO below). A key missing from the input leaves its field at the zero
// value, so omitting include_nonce yields NonceCheck == false. Whether
// unknown or misspelled keys are rejected depends on the yaml package's
// decoding mode, which is not configured here - confirm.
func ConfigFromYaml(yamlContent []byte) (Config, error) {
	var parsed Config

	err := yaml.Unmarshal(yamlContent, &parsed)
	if err != nil {
		return Config{}, fmt.Errorf("Config: Failed to parse config file: %v", err)
	}

	// TODO(bwplotka) validate cfg.
	return parsed, nil
}
// OIDCConfig holds the OIDC client settings read from YAML: the provider
// (issuer) URL, the client credentials and the requested scopes.
//
// ClientSecret is a credential and carries a json tag, so encoding or dumping
// this struct (for example in logs or error messages) will include it.
type OIDCConfig struct {
	// Canonical URL for Provider that will be the target issuer that this server authenticates End Users against.
	Provider string `json:"provider"`

	// ClientID is read from the "client_id" key.
	ClientID string `json:"client_id"`

	// ClientSecret is read from the "secret" key.
	ClientSecret string `json:"secret"`

	// Scopes is read from the "scopes" key.
	Scopes []string `json:"scopes"`
}
// OIDCConfigFromYaml decodes an OIDCConfig from YAML document bytes.
//
// yamlContent is the YAML text itself, not a file path. When decoding fails
// the zero OIDCConfig is returned together with an error that embeds the
// decoder's message.
//
// NOTE(review): the decoded value is returned without validation (see the
// TODO below), so an empty Provider, ClientID or ClientSecret is passed on to
// the caller unchanged. The input carries the client secret; whether the
// decoder's error text can echo parts of the input is not visible here -
// confirm before logging the returned error.
func OIDCConfigFromYaml(yamlContent []byte) (OIDCConfig, error) {
	var parsed OIDCConfig

	err := yaml.Unmarshal(yamlContent, &parsed)
	if err != nil {
		return OIDCConfig{}, fmt.Errorf("Config: Failed to parse OIDC config file: %v", err)
	}

	// TODO(bwplotka) validate cfg.
	return parsed, nil
}