Adapt OpenID discovery route to cluster configuration

2022-04-16 09:06:59 +02:00 · 2022-04-16 09:06:59 +02:00 · bce601c550
commit bce601c550
parent 5952de1c84
1 changed files with 18 additions and 4 deletions
--- a/src/controllers/openid_controller.rs
+++ b/src/controllers/openid_controller.rs
@ -24,13 +24,27 @@ use crate::data::user::User;
 use crate::utils::string_utils::rand_str;
 use crate::utils::time::time;
-pub async fn get_configuration(app_conf: web::Data<AppConfig>) -> impl Responder {
+pub async fn get_configuration(req: HttpRequest, app_conf: web::Data<AppConfig>) -> impl Responder {
    let is_secure_request = req.headers().get("HTTP_X_FORWARDED_PROTO")
        .map(|v| v.to_str().unwrap_or_default().to_lowercase().eq("https"))
        .unwrap_or(false);
    let host = match req.headers().get("Host") {
        None => return HttpResponse::BadRequest().body("Missing Host header!"),
        Some(s) => s.to_str().unwrap_or_default(),
    };
    let curr_origin = format!("{}://{}", match is_secure_request {
        true => "https",
        false => "http"
    }, host);
    HttpResponse::Ok().json(OpenIDConfig {
        issuer: app_conf.website_origin.clone(),
        authorization_endpoint: app_conf.full_url(AUTHORIZE_URI),
-        token_endpoint: app_conf.full_url(TOKEN_URI),
+        token_endpoint: curr_origin.clone() + TOKEN_URI,
-        userinfo_endpoint: app_conf.full_url(USERINFO_URI),
+        userinfo_endpoint: curr_origin.clone() + USERINFO_URI,
-        jwks_uri: app_conf.full_url(CERT_URI),
+        jwks_uri: curr_origin + CERT_URI,
        scopes_supported: vec!["openid", "profile", "email"],
        response_types_supported: vec!["code", "id_token", "token id_token"],
        subject_types_supported: vec!["public"],