package oidc
import (
"context"
"git.tijl.dev/tijl/tijl.dev/internal/config"
log "git.tijl.dev/tijl/tijl.dev/modules/logger"
"github.com/coreos/go-oidc/v3/oidc"
"golang.org/x/oauth2"
)
// Package-level OIDC state. All three pointers are nil until Load has run,
// so Load must complete before any of them is dereferenced.
var (
	// Config is the OAuth2 client configuration (client credentials,
	// redirect URL, provider endpoints and requested scopes).
	Config *oauth2.Config

	// Provider is the OIDC provider handle obtained by Load.
	Provider *oidc.Provider

	// Verifier validates ID tokens issued by Provider.
	Verifier *oidc.IDTokenVerifier
)
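// Load initialises the package-level Provider, Config and Verifier from the
// application configuration.
//
// It builds the provider from config.Config.Oidc.Provider using ctx, then
// derives the OAuth2 client configuration and the ID-token verifier from it.
// On failure it logs at fatal level and leaves Config and Verifier unset.
func Load(ctx context.Context) {
	var err error
	Provider, err = oidc.NewProvider(ctx, config.Config.Oidc.Provider)
	if err != nil {
		log.Fatal().Err(err).Msg("failed to load oidc")
		// NOTE(review): Fatal presumably terminates the process; the return
		// guards against a nil Provider dereference below if it does not.
		return
	}

	// The verifier checks the ID token's audience against this client ID, so
	// it has to be the same client ID the OAuth2 flow authenticates with. The
	// previous code read config.Config.ClientID here while the OAuth2 config
	// used config.Config.Oidc.ClientID; with differing (or empty) values the
	// audience check would reject valid tokens or be misconfigured.
	clientID := config.Config.Oidc.ClientID

	Config = &oauth2.Config{
		ClientID:     clientID,
		ClientSecret: config.Config.Oidc.ClientSecret,
		// The redirect URL must match the one registered with the provider.
		RedirectURL: config.Config.UrlBase + config.Config.Oidc.CallbackUrl,

		Endpoint: Provider.Endpoint(),

		Scopes: []string{oidc.ScopeOpenID, "profile", "email"},
	}

	// The verifier does not validate the nonce claim; the callback handler
	// has to compare state and nonce itself.
	Verifier = Provider.Verifier(&oidc.Config{
		ClientID: clientID,
	})

	log.Debug().Msg("loaded oidc")
}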