authorAlan Pearce2024-05-21 18:30:03 +0200
committerAlan Pearce2024-05-21 18:57:24 +0200
commit6d0e12252261db9308510816f1e473c0cfecf0db (patch)
tree551bc721b8c301a05836b23f8c3458281f3b7619 /internal
parent143fdc1c4ea72b637b84f0f551c3ac08c1c1ec3d (diff)
add hard-coded oidc webfinger support
Diffstat (limited to 'internal')
-rw-r--r--internal/config/config.go1
-rw-r--r--internal/server/server.go30
2 files changed, 30 insertions, 1 deletions
diff --git a/internal/config/config.go b/internal/config/config.go
index 063f549..be7dcb9 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -37,6 +37,7 @@ type Config struct {
 	Description      string
 	DomainStartDate  string `toml:"domain_start_date"`
 	OriginalDomain   string `toml:"original_domain"`
+	OIDCHost         URL    `toml:"oidc_host"`
 	Taxonomies       []Taxonomy
 	CSP              *CSP `toml:"content-security-policy"`
 	Extra            struct {
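Review bot: The new `OIDCHost` field has no comment and nothing in this diff validates it, yet the server.go hunk publishes `config.OIDCHost.String()` as the OpenID Connect issuer link in the WebFinger response. OpenID Connect Discovery requires the issuer to be an `https` URL, so an unset or plain-`http` `oidc_host` would presumably be advertised as-is to relying parties. I would document the field with `// OIDCHost is the OpenID Connect issuer advertised via WebFinger; it must be an absolute https URL.` and reject any other value when the configuration is loaded. The `URL` type and the rest of `Config` are defined outside this hunk, so an existing check there cannot be ruled out.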
diff --git a/internal/server/server.go b/internal/server/server.go
index b4cfc7f..cea349f 100644
--- a/internal/server/server.go
+++ b/internal/server/server.go
@@ -2,6 +2,7 @@ package server
 
 import (
 	"context"
+	"encoding/json"
 	"fmt"
 	"mime"
 	"net"
@@ -15,6 +16,7 @@ import (
 	cfg "website/internal/config"
 	"website/internal/log"
 
+	"github.com/benpate/digit"
 	"github.com/getsentry/sentry-go"
 	sentryhttp "github.com/getsentry/sentry-go/http"
 	"github.com/pkg/errors"
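Review bot: This import adds a third-party module whose only visible use in the commit is building one resource with a single link before `json.Marshal`. A small local struct with `subject` and `links` fields would produce the same JRD document without widening the dependency set; if the module stays, its version should be pinned and reviewed in `go.mod`/`go.sum`, which this diff (limited to `internal`) does not show.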
@@ -159,7 +161,33 @@ func New(runtimeConfig *Config) (*Server, error) {
 	top := http.NewServeMux()
 	mux := http.NewServeMux()
 	log.Debug("binding main handler to", "host", runtimeConfig.BaseURL.Hostname()+"/")
-	mux.Handle(runtimeConfig.BaseURL.Hostname()+"/", webHandler(serveFile))
+	hostname := runtimeConfig.BaseURL.Hostname()
+	mux.Handle(hostname+"/", webHandler(serveFile))
+
+	var acctResource = "acct:" + config.Email
+	me := digit.NewResource(acctResource).
+		Link("http://openid.net/specs/connect/1.0/issuer", "", config.OIDCHost.String())
+	mux.HandleFunc(hostname+"/.well-known/webfinger", func(w http.ResponseWriter, r *http.Request) {
+		if r.URL.Query().Get("resource") == acctResource {
+			obj, err := json.Marshal(me)
+			if err != nil {
+				http.Error(
+					w,
+					http.StatusText(http.StatusInternalServerError),
+					http.StatusInternalServerError,
+				)
+
+				return
+			}
+
+			w.Header().Add("Content-Type", "application/jrd+json")
+			w.Header().Add("Access-Control-Allow-Origin", "*")
+			_, err = w.Write(obj)
+			if err != nil {
+				log.Warn("error writing webfinger request", "error", err)
+			}
+		}
+	})
 
 	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
 		newURL := runtimeConfig.BaseURL.String() + r.URL.String()
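Review bot: A request to `/.well-known/webfinger` whose `resource` parameter is missing or differs from `acctResource` falls through the `if` and receives an empty `200 OK`, whereas RFC 7033 expects 400 for an absent or malformed `resource` and 404 for one the server has no information about. An early guard such as `if r.URL.Query().Get("resource") != acctResource { http.NotFound(w, r); return }` makes the negative case explicit and lets the success path lose one level of nesting. Since `me` never changes, `json.Marshal(me)` could also run once before `mux.HandleFunc` and return its error from `New`, so a bad value fails at startup instead of as a 500 on every request. Smaller points: `w.Header().Set` is the usual call for single-valued headers, and the log text `error writing webfinger request` describes a response write. `New` begins and ends outside this hunk, and `config.Email` refers to a `config` variable not defined in the visible lines.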