-rw-r--r-- | VPNAuth.Server/Api/Oidc.cs | 26 | ||||
-rw-r--r-- | VPNAuth.Server/Program.cs | 1 | ||||
-rw-r--r-- | VPNAuth.Server/Responses/OidcDiscovery.cs | 27 |
3 files changed, 53 insertions, 1 deletions
diff --git a/VPNAuth.Server/Api/Oidc.cs b/VPNAuth.Server/Api/Oidc.cs
index e8ff3c0..366fabf 100644
--- a/VPNAuth.Server/Api/Oidc.cs
+++ b/VPNAuth.Server/Api/Oidc.cs
@@ -1,4 +1,5 @@
-using VPNAuth.Server.Responses;
+using System.Net;
+using VPNAuth.Server.Responses;
 namespace VPNAuth.Server.Api;
@@ -73,4 +74,27 @@ public static class Oidc
 await context.Response.WriteAsJsonAsync(userInfoResponse);
 }
+
+ public static async Task DiscoveryHandler(HttpContext context)
+ {
+ if (!context.Request.Host.HasValue)
+ {
+ context.Response.StatusCode = StatusCodes.Status400BadRequest;
+ return;
+ }
+
+ var serverAddress = context.Request.IsHttps ? "https://" : "http://" + context.Request.Host.Value;
+
+ await context.Response.WriteAsJsonAsync(new OidcDiscovery
+ {
+ Issuer = serverAddress + "/",
+ AuthorizationEndpoint = $"{serverAddress}/auth",
+ TokenEndpoint = $"{serverAddress}/access-token",
+ UserInfoEndpoint = $"{serverAddress}/user-info",
+ JwksUri = "",
+ ResponseTypesSupported = ["code"],
+ SubjectTypesSupported = [],
+ IdTokenSigningAlgValuesSupported = ["RS256"]
+ });
+ }
 }
diff --git a/VPNAuth.Server/Program.cs b/VPNAuth.Server/Program.cs
index e8e5d4f..067e61b 100644
--- a/VPNAuth.Server/Program.cs
+++ b/VPNAuth.Server/Program.cs
@@ -35,6 +35,7 @@ app.MapGet("/accept-auth/{id}", OAuth2.AcceptAuthHandler);
 app.MapPost("/access-token", OAuth2.AccessTokenHandler);
 app.MapPost("/user-info-settings", UserInterface.UserSettingsHandler);
 app.Map("/user-info", Oidc.UserInfoHandler);
+app.MapGet("/.well-known/openid-configuration", Oidc.DiscoveryHandler);
 app.MapStaticAssets();
 app.MapRazorPages()
diff --git a/VPNAuth.Server/Responses/OidcDiscovery.cs b/VPNAuth.Server/Responses/OidcDiscovery.cs
new file mode 100644
index 0000000..e4d66f4
--- /dev/null
+++ b/VPNAuth.Server/Responses/OidcDiscovery.cs
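Review bot: The `serverAddress` expression in `DiscoveryHandler` (Api/Oidc.cs) parses as `IsHttps ? "https://" : ("http://" + Host.Value)` because `+` binds tighter than `?:`, so over HTTPS every advertised URL loses its host and the issuer comes out as `https:///`; it should read `var serverAddress = (context.Request.IsHttps ? "https://" : "http://") + context.Request.Host.Value;`. Separately, the issuer and all endpoint URLs are built from the request's Host header, which the client controls, so unless host filtering is enforced elsewhere the server will emit a discovery document naming whatever host the caller supplied; reading the public base URL from configuration would avoid that and keep `issuer` identical to the `iss` claim the server puts in its tokens (token issuance is not visible in this hunk). The document also advertises `RS256` while `JwksUri` is `""` and `SubjectTypesSupported` is empty, both of which OpenID Connect Discovery lists as required metadata, so relying parties may reject it or have no key to verify ID tokens against. The added `using System.Net;` in the first hunk appears unused by the new code.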
@@ -0,0 +1,27 @@
+using System.Text.Json.Serialization;
+
+namespace VPNAuth.Server.Responses;
+
+public class OidcDiscovery
+{
+ [JsonPropertyName("issuer")] public string Issuer { get; set; }
+
+ [JsonPropertyName("authorization_endpoint")]
+ public string AuthorizationEndpoint { get; set; }
+
+ [JsonPropertyName("token_endpoint")] public string TokenEndpoint { get; set; }
+
+ [JsonPropertyName("userinfo_endpoint")]
+ public string UserInfoEndpoint { get; set; }
+
+ [JsonPropertyName("jwks_uri")] public string JwksUri { get; set; }
+
+ [JsonPropertyName("response_types_supported")]
+ public List<string> ResponseTypesSupported { get; set; }
+
+ [JsonPropertyName("subject_types_supported")]
+ public List<string> SubjectTypesSupported { get; set; }
+
+ [JsonPropertyName("id_token_signing_alg_values_supported")]
+ public List<string> IdTokenSigningAlgValuesSupported { get; set; }
+}
|
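Review bot: Every property on `OidcDiscovery` is a non-nullable reference type with a public setter and no initializer, so nothing stops a caller from serialising a document that carries `null` for metadata relying parties depend on (and if nullable annotations are enabled for the project, which this hunk does not show, each property raises CS8618). Marking them `required` with `init`, e.g. `[JsonPropertyName("issuer")] public required string Issuer { get; init; }`, lets the compiler enforce that each field is set at construction. A short `/// <summary>` saying that the type is the response body of `/.well-known/openid-configuration`, and which members the discovery specification makes mandatory, would also help, since the property names alone do not convey that.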