diff --git a/pkg/config/oauth2.go b/pkg/config/oauth2.go index 0e9a0ca..c300ff7 100644 --- a/pkg/config/oauth2.go +++ b/pkg/config/oauth2.go @@ -9,7 +9,6 @@ package config import ( "context" - "fmt" "github.com/coreos/go-oidc/v3/oidc" "golang.org/x/oauth2" @@ -18,12 +17,24 @@ import ( // OAuth2 holds the configuration for the OAuth2 provider. type OAuth2 struct { Issuer string `yaml:"issuer" json:"issuer"` + Endpoint Endpoint `yaml:"endpoint" json:"endpoint"` ClientID string `yaml:"clientID" json:"clientID"` ClientSecret string `yaml:"clientSecret" json:"clientSecret"` Scopes []string `yaml:"scopes" json:"scopes"` RedirectURL string `yaml:"redirectURL" json:"redirectURL"` } +type Endpoint struct { + AuthURL string `yaml:"authURL" json:"authURL"` + DeviceAuthURL string `yaml:"deviceAuthURL" json:"deviceAuthURL"` + TokenURL string `yaml:"tokenURL" json:"tokenURL"` + + // AuthStyle optionally specifies how the endpoint wants the + // client ID & client secret sent. The zero value means to + // auto-detect. + AuthStyle int `yaml:"authStyle" json:"authStyle"` +} + // GetIssuer returns the OAuth2 issuer. func (e *OAuth2) GetIssuer() string { return e.Issuer 
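Review bot: The new exported `Endpoint` type has no doc comment, and `AuthStyle` is a bare `int` whose accepted values are not stated where an operator editing the YAML would see them. In golang.org/x/oauth2 the values are 0 (auto-detect), 1 (credentials in the POST body) and 2 (HTTP Basic header). I would add `// Endpoint holds manually configured OAuth2 endpoint URLs; it is used only when Issuer is empty.` above the type and append `// Valid values: 0 auto-detect, 1 in params, 2 in header.` to the field comment. The comment on `TokenURL` should also say that the client secret is sent to this URL, so it is expected to be an https address the operator trusts.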
@@ -51,16 +62,23 @@ func (e *OAuth2) GetRedirectURL() string { // GetOAuth2Config returns an oauth2.Config. func (e *OAuth2) GetOAuth2Config(c context.Context) (*oauth2.Config, error) { - fmt.Println(e.Scopes) - provider, err := oidc.NewProvider(c, e.Issuer) - if err != nil { - return nil, err - } - return &oauth2.Config{ + conf := &oauth2.Config{ ClientID: e.ClientID, ClientSecret: e.ClientSecret, Scopes: e.Scopes, - Endpoint: provider.Endpoint(), RedirectURL: e.RedirectURL, - }, nil + } + if e.Issuer != "" { + provider, err := oidc.NewProvider(c, e.Issuer) + if err != nil { + return nil, err + } + conf.Endpoint = provider.Endpoint() + return conf, nil + } + conf.Endpoint.AuthURL = e.Endpoint.AuthURL + conf.Endpoint.TokenURL = e.Endpoint.TokenURL + conf.Endpoint.AuthStyle = oauth2.AuthStyle(e.Endpoint.AuthStyle) + conf.Endpoint.DeviceAuthURL = e.Endpoint.DeviceAuthURL + return conf, nil } diff --git a/pkg/security/security.go b/pkg/security/security.go index 9703128..441d9a6 100644 --- a/pkg/security/security.go +++ b/pkg/security/security.go @@ -1,5 +1,7 @@ package security +import "context" + /* * @Author: lwnmengjing * @Date: 2021/6/23 5:44 下午 @@ -14,5 +16,5 @@ type Verifier interface { GetRoleID() string GetEmail() string GetUsername() string - Verify() (bool, Verifier, error) + Verify(context.Context) (bool, Verifier, error) }
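Review bot: When `Issuer` is empty, the fallback path in `GetOAuth2Config` copies `e.Endpoint` into the config without checking it. A config with neither an issuer nor endpoint URLs therefore returns a nil error and only fails later, in the middle of a login flow. The `oauth2.AuthStyle(e.Endpoint.AuthStyle)` cast also accepts any integer from the config file. I would reject an empty `AuthURL`/`TokenURL` and an out-of-range `AuthStyle` before filling `conf.Endpoint`; this needs the `errors` import. Since `ClientSecret` is posted to `TokenURL`, consider also requiring an https scheme there, and document that a set `Issuer` silently overrides `Endpoint`.

```go
	// … unchanged: conf construction and the Issuer discovery branch …
	if e.Endpoint.AuthURL == "" || e.Endpoint.TokenURL == "" {
		return nil, errors.New("oauth2: set issuer, or both endpoint.authURL and endpoint.tokenURL")
	}
	switch oauth2.AuthStyle(e.Endpoint.AuthStyle) {
	case oauth2.AuthStyleAutoDetect, oauth2.AuthStyleInParams, oauth2.AuthStyleInHeader:
	default:
		return nil, errors.New("oauth2: endpoint.authStyle must be 0, 1 or 2")
	}
	// … unchanged: copying e.Endpoint fields into conf.Endpoint …
```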
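Review bot: `Verify(context.Context)` in the `Verifier` interface has no doc comment, so implementers are not told what the context is for or how the `bool` and `error` results relate. For an authentication check the contract should be explicit that a cancelled or expired context counts as a failed verification, not a pass. I would add something like `// Verify checks the credentials; ctx bounds any remote call, and on ctx cancellation it returns false with a non-nil error.` The interface body starts outside this hunk, and the signature change breaks every existing implementation, none of which is visible in this diff.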