feat: new env variable for server URI

internal/auth/routes.go

@@ -29,7 +29,7 @@ func (h *AuthHandler) signTokens(user *repository.User) (string, string, error)
 		UserEmail: user.Email,
 		IsAdmin:   user.IsAdmin,
 		RegisteredClaims: jwt.RegisteredClaims{
-			Issuer:    h.cfg.Jwt.Issuer,
+			Issuer:    h.cfg.Uri,
 			Subject:   user.ID.String(),
 			IssuedAt:  jwt.NewNumericDate(time.Now()),
 			ExpiresAt: jwt.NewNumericDate(time.Now().Add(15 * time.Minute)),
@@ -45,7 +45,7 @@ func (h *AuthHandler) signTokens(user *repository.User) (string, string, error)
 		UserEmail: user.Email,
 		IsAdmin:   user.IsAdmin,
 		RegisteredClaims: jwt.RegisteredClaims{
-			Issuer:    h.cfg.Jwt.Issuer,
+			Issuer:    h.cfg.Uri,
 			Subject:   user.ID.String(),
 			IssuedAt:  jwt.NewNumericDate(time.Now()),
 			ExpiresAt: jwt.NewNumericDate(time.Now().Add(30 * 24 * time.Hour)),

internal/config/jwt.go

@@ -4,5 +4,4 @@ type JwtConfig struct {
 	PrivateKey string `env:"GUARD_JWT_PRIVATE" required:"true"`
 	PublicKey  string `env:"GUARD_JWT_PUBLIC" required:"true"`
 	KID        string `env:"GUARD_JWT_KID" default:"guard-rsa"`
-	Issuer     string `env:"GUARD_JWT_ISSUER" required:"true"`
 }

internal/config/mod.go

@@ -12,6 +12,7 @@ import (
 type AppConfig struct {
 	Port        string `env:"GUARD_PORT" default:"3001"`
 	Host        string `env:"GUARD_HOST" default:"127.0.0.1"`
+	Uri         string `env:"GUARD_URI" default:"http://127.0.0.1:3001"`
 	DatabaseURL string `env:"GUARD_DB_URL" required:"true"`
 	Admin       AdminConfig
 	Jwt         JwtConfig

internal/oauth/openid.go

@@ -23,11 +23,11 @@ func (h *OAuthHandler) OpenIdConfiguration(w http.ResponseWriter, r *http.Reques
 	w.Header().Set("Content-Type", "application/json")
 
 	if err := encoder.Encode(Response{
-		TokenEndpoint:         h.cfg.Jwt.Issuer + "/api/v1/oauth/token",
-		AuthorizationEndpoint: h.cfg.Jwt.Issuer + "/api/v1/oauth/authorize",
-		JwksURI:               h.cfg.Jwt.Issuer + "/.well-known/jwks.json",
-		Issuer:                h.cfg.Jwt.Issuer,
-		EndSessionEndpoint:    h.cfg.Jwt.Issuer + "/api/v1/oauth/logout",
+		TokenEndpoint:         h.cfg.Uri + "/api/v1/oauth/token",
+		AuthorizationEndpoint: h.cfg.Uri + "/api/v1/oauth/authorize",
+		JwksURI:               h.cfg.Uri + "/.well-known/jwks.json",
+		Issuer:                h.cfg.Uri,
+		EndSessionEndpoint:    h.cfg.Uri + "/api/v1/oauth/logout",
 	}); err != nil {
 		web.Error(w, "failed to encode response", http.StatusInternalServerError)
 	}

internal/oauth/token.go

@@ -91,7 +91,7 @@ func (h *OAuthHandler) tokenEndpoint(w http.ResponseWriter, r *http.Request) {
 			Nonce:         nonce,
 			Roles:         roles,
 			RegisteredClaims: jwt.RegisteredClaims{
-				Issuer: h.cfg.Jwt.Issuer,
+				Issuer: h.cfg.Uri,
 				// TODO: use dedicated API id that is in local DB and bind to user there
 				Subject:   user.ID.String(),
 				Audience:  jwt.ClaimStrings{clientId},