feat: split oauth endpoints into files

2025-06-02 12:31:01 +02:00
parent 5d9e5d27bf
commit 1ef261660f
5 changed files with 249 additions and 236 deletions
--- a/internal/oauth/jwks.go
+++ b/internal/oauth/jwks.go
@ -0,0 +1,36 @@
+package oauth
+
+import (
+	"encoding/base64"
+	"encoding/json"
+	"net/http"
+
+	"gitea.local/admin/hspguard/internal/util"
+	"gitea.local/admin/hspguard/internal/web"
+)
+
+func (h *OAuthHandler) WriteJWKS(w http.ResponseWriter, r *http.Request) {
+	pubKey, err := util.ParseBase64PublicKey(h.cfg.Jwt.PublicKey)
+	if err != nil {
+		web.Error(w, "failed to parse public key", http.StatusInternalServerError)
+	}
+
+	n := base64.RawURLEncoding.EncodeToString(pubKey.N.Bytes())
+	e := base64.RawURLEncoding.EncodeToString([]byte{1, 0, 1}) // 65537 = 0x010001
+
+	jwks := map[string]interface{}{
+		"keys": []map[string]string{
+			{
+				"kty": "RSA",
+				"kid": "my-rsa-key-1",
+				"use": "sig",
+				"alg": "RS256",
+				"n":   n,
+				"e":   e,
+			},
+		},
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(jwks)
+}