@@ 655,6 655,49 @@ func (s *Service) IntrospectPOST(c echo.Context) error {
return c.JSON(http.StatusOK, &ret)
}
+// OAuthMetadata sends the OAuth 2 server metadata as specified by RFC 8414.
+// This should be wired up in your echo server routes to the following URL:
+// `/.well-known/oauth-authorization-server`
+func (s *Service) OAuthMetadata(c echo.Context) error {
+ gctx := c.(*server.Context)
+ origin := gctx.Server.Config.BaseURI()
+ aURL, err := url.JoinPath(origin, c.Echo().Reverse(s.RouteName("authorize")))
+ if err != nil {
+ return err
+ }
+ tURL, err := url.JoinPath(origin, c.Echo().Reverse(s.RouteName("access_token_post")))
+ if err != nil {
+ return err
+ }
+ iURL, err := url.JoinPath(origin, c.Echo().Reverse(s.RouteName("introspect_post")))
+ if err != nil {
+ return err
+ }
+
+ ret := struct {
+ Issuer string `json:"issuer"`
+ AuthEndpoint string `json:"authorization_endpoint"`
+ TokenEndpoint string `json:"token_endpoint"`
+ Scopes []string `json:"scopes_supported"`
+ Responses []string `json:"response_types_supported"`
+ Grants []string `json:"grant_types_supported"`
+ Doc string `json:"service_documentation"`
+ IntroEndpoint string `json:"introspection_endpoint"`
+ IntroAuth []string `json:"introspection_endpoint_auth_methods_supported"`
+ }{
+ Issuer: origin,
+ AuthEndpoint: aURL,
+ TokenEndpoint: tURL,
+ Scopes: s.config.Scopes,
+ Responses: []string{"code"},
+ Grants: []string{"authorization_code"},
+ Doc: s.config.DocumentationURL,
+ IntroEndpoint: iURL,
+ IntroAuth: []string{"none"},
+ }
+ return c.JSON(http.StatusOK, &ret)
+}
+
// RouteName ...
func (s *Service) RouteName(value string) string {
return fmt.Sprintf("%s:%s", s.name, value)