handlers/discovery.go

package handlers

import (
	"encoding/json"
	"net/http"

	"gitlab.com/unboundsoftware/auth0mock/auth"
)

// DiscoveryHandler handles OIDC discovery endpoints
type DiscoveryHandler struct {
	jwtService *auth.JWTService
}

// NewDiscoveryHandler creates a new discovery handler
func NewDiscoveryHandler(jwtService *auth.JWTService) *DiscoveryHandler {
	return &DiscoveryHandler{
		jwtService: jwtService,
	}
}

// OpenIDConfiguration returns the OIDC discovery document
func (h *DiscoveryHandler) OpenIDConfiguration(w http.ResponseWriter, r *http.Request) {
	issuer := h.jwtService.Issuer()

	config := map[string]interface{}{
		"issuer":                                issuer,
		"authorization_endpoint":               issuer + "authorize",
		"token_endpoint":                        issuer + "oauth/token",
		"token_endpoint_auth_methods_supported": []string{"client_secret_basic", "private_key_jwt"},
		"token_endpoint_auth_signing_alg_values_supported": []string{"RS256"},
		"userinfo_endpoint":                     issuer + "userinfo",
		"check_session_iframe":                  issuer + "check_session",
		"end_session_endpoint":                  issuer + "end_session",
		"jwks_uri":                              issuer + ".well-known/jwks.json",
		"registration_endpoint":                 issuer + "register",
		"scopes_supported":                      []string{"openid", "profile", "email", "address", "phone", "offline_access"},
		"response_types_supported":              []string{"code", "code id_token", "id_token", "id_token token"},
		"acr_values_supported":                  []string{},
		"subject_types_supported":               []string{"public", "pairwise"},
		"userinfo_signing_alg_values_supported": []string{"RS256", "ES256", "HS256"},
		"userinfo_encryption_alg_values_supported": []string{"RSA-OAEP-256", "A128KW"},
		"userinfo_encryption_enc_values_supported": []string{"A128CBC-HS256", "A128GCM"},
		"id_token_signing_alg_values_supported":    []string{"RS256", "ES256", "HS256"},
		"id_token_encryption_alg_values_supported": []string{"RSA-OAEP-256", "A128KW"},
		"id_token_encryption_enc_values_supported": []string{"A128CBC-HS256", "A128GCM"},
		"request_object_signing_alg_values_supported": []string{"none", "RS256", "ES256"},
		"display_values_supported":              []string{"page", "popup"},
		"claim_types_supported":                 []string{"normal", "distributed"},
		"claims_supported": []string{
			"sub", "iss", "auth_time", "acr",
			"name", "given_name", "family_name", "nickname",
			"profile", "picture", "website",
			"email", "email_verified", "locale", "zoneinfo",
			h.jwtService.EmailClaim(), h.jwtService.AdminClaim(),
		},
		"claims_parameter_supported": true,
		"service_documentation":      "http://auth0/",
		"ui_locales_supported":       []string{"en-US"},
		"code_challenge_methods_supported": []string{"plain", "S256"},
	}

	w.Header().Set("Content-Type", "application/json")
	json.NewEncoder(w).Encode(config)
}

// JWKS returns the JSON Web Key Set
func (h *DiscoveryHandler) JWKS(w http.ResponseWriter, r *http.Request) {
	jwks, err := h.jwtService.GetJWKS()
	if err != nil {
		http.Error(w, "Failed to get JWKS", http.StatusInternalServerError)
		return
	}

	w.Header().Set("Content-Type", "application/json")
	w.Write(jwks)
}
feat: migrate auth0mock from Node.js to Go Refactor the application to a Go-based architecture for improved performance and maintainability. Replace the Dockerfile to utilize a multi-stage build process, enhancing image efficiency. Implement comprehensive session store tests to ensure reliability and create new OAuth handlers for managing authentication efficiently. Update documentation to reflect these structural changes. 2025-12-29 16:30:37 +01:00			`package handlers`

			`import (`
			`"encoding/json"`
			`"net/http"`

			`"gitlab.com/unboundsoftware/auth0mock/auth"`
			`)`

			`// DiscoveryHandler handles OIDC discovery endpoints`
			`type DiscoveryHandler struct {`
			`jwtService *auth.JWTService`
			`}`

			`// NewDiscoveryHandler creates a new discovery handler`
			`func NewDiscoveryHandler(jwtService auth.JWTService) DiscoveryHandler {`
			`return &DiscoveryHandler{`
			`jwtService: jwtService,`
			`}`
			`}`

			`// OpenIDConfiguration returns the OIDC discovery document`
			`func (h DiscoveryHandler) OpenIDConfiguration(w http.ResponseWriter, r http.Request) {`
			`issuer := h.jwtService.Issuer()`

			`config := map[string]interface{}{`
			`"issuer": issuer,`
			`"authorization_endpoint": issuer + "authorize",`
			`"token_endpoint": issuer + "oauth/token",`
			`"token_endpoint_auth_methods_supported": []string{"client_secret_basic", "private_key_jwt"},`
			`"token_endpoint_auth_signing_alg_values_supported": []string{"RS256"},`
			`"userinfo_endpoint": issuer + "userinfo",`
			`"check_session_iframe": issuer + "check_session",`
			`"end_session_endpoint": issuer + "end_session",`
			`"jwks_uri": issuer + ".well-known/jwks.json",`
			`"registration_endpoint": issuer + "register",`
			`"scopes_supported": []string{"openid", "profile", "email", "address", "phone", "offline_access"},`
			`"response_types_supported": []string{"code", "code id_token", "id_token", "id_token token"},`
			`"acr_values_supported": []string{},`
			`"subject_types_supported": []string{"public", "pairwise"},`
			`"userinfo_signing_alg_values_supported": []string{"RS256", "ES256", "HS256"},`
			`"userinfo_encryption_alg_values_supported": []string{"RSA-OAEP-256", "A128KW"},`
			`"userinfo_encryption_enc_values_supported": []string{"A128CBC-HS256", "A128GCM"},`
			`"id_token_signing_alg_values_supported": []string{"RS256", "ES256", "HS256"},`
			`"id_token_encryption_alg_values_supported": []string{"RSA-OAEP-256", "A128KW"},`
			`"id_token_encryption_enc_values_supported": []string{"A128CBC-HS256", "A128GCM"},`
			`"request_object_signing_alg_values_supported": []string{"none", "RS256", "ES256"},`
			`"display_values_supported": []string{"page", "popup"},`
			`"claim_types_supported": []string{"normal", "distributed"},`
			`"claims_supported": []string{`
			`"sub", "iss", "auth_time", "acr",`
			`"name", "given_name", "family_name", "nickname",`
			`"profile", "picture", "website",`
			`"email", "email_verified", "locale", "zoneinfo",`
			`h.jwtService.EmailClaim(), h.jwtService.AdminClaim(),`
			`},`
			`"claims_parameter_supported": true,`
			`"service_documentation": "http://auth0/",`
			`"ui_locales_supported": []string{"en-US"},`
			`"code_challenge_methods_supported": []string{"plain", "S256"},`
			`}`

			`w.Header().Set("Content-Type", "application/json")`
			`json.NewEncoder(w).Encode(config)`
			`}`

			`// JWKS returns the JSON Web Key Set`
			`func (h DiscoveryHandler) JWKS(w http.ResponseWriter, r http.Request) {`
			`jwks, err := h.jwtService.GetJWKS()`
			`if err != nil {`
			`http.Error(w, "Failed to get JWKS", http.StatusInternalServerError)`
			`return`
			`}`

			`w.Header().Set("Content-Type", "application/json")`
			`w.Write(jwks)`
			`}`