Skip to content

Commit

Permalink
Implement OAuth 2.0 Authorization Server Metadata - closes #3143
Browse files Browse the repository at this point in the history
  • Loading branch information
@benfrancis
benfrancis committed Aug 4, 2024
1 parent 6b5fb8f commit 30e9336
Show file tree
Hide file tree
Showing 3 changed files with 33 additions and 0 deletions.
1 change: 1 addition & 0 deletions src/constants.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ export const INTERNAL_LOGS_PATH = '/internal-logs';
export const LOGS_PATH = '/logs';
export const PUSH_PATH = '/push';
export const PING_PATH = '/ping';
export const WELL_KNOWN_PATH = '/.well-known';
export const PROXY_PATH = '/proxy';
export const EXTENSIONS_PATH = '/extensions';
// Remember we end up in the build/* directory so these paths looks slightly
Expand Down
30 changes: 30 additions & 0 deletions src/controllers/well-known_controller.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
/**
* Well-Known Controller
*
* Handles HTTP requests to /.well-known
*/

import express from 'express';
import * as Constants from '../constants';

function build(): express.Router {
const controller = express.Router();

/**
* OAuth 2.0 Authorization Server Metadata (RFC 8414)
*/
controller.get('/oauth-authorization-server', (request, response) => {
const origin = request.protocol + '://' + request.headers.host;
response.json({
'issuer': origin,
'authorization_endpoint': origin + Constants.OAUTH_PATH + '/authorize',
'token_endpoint': origin + Constants.OAUTH_PATH + '/token',
'response_types_supported': ['code']
//TODO: Consider adding scopes_supported with a dynamically generated list
});
});

return controller;
}

export default build;
2 changes: 2 additions & 0 deletions src/router.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ import NotifiersController from './controllers/notifiers_controller';
import OAuthClientsController from './controllers/oauthclients_controller';
import OAuthController from './controllers/oauth_controller';
import PingController from './controllers/ping_controller';
import WellKnownController from './controllers/well-known_controller';
import ProxyController, { WithProxyMethods } from './controllers/proxy_controller';
import PushController from './controllers/push_controller';
import RootController from './controllers/root_controller';
Expand Down Expand Up @@ -155,6 +156,7 @@ class Router {
app.use(API_PREFIX + Constants.SETTINGS_PATH, nocache, SettingsController());
app.use(API_PREFIX + Constants.USERS_PATH, nocache, UsersController());
app.use(API_PREFIX + Constants.PING_PATH, nocache, PingController());
app.use(API_PREFIX + Constants.WELL_KNOWN_PATH, nocache, WellKnownController());

// Authenticated API routes
app.use(API_PREFIX + Constants.THINGS_PATH, nocache, auth, ThingsController());
Expand Down

0 comments on commit 30e9336

Please sign in to comment.