func Get(masterPublicURL, authorizeURL, tokenURL string) OauthAuthorizationServerMetadata {
config := osinserver.NewDefaultServerConfig()
return OauthAuthorizationServerMetadata{
Issuer: masterPublicURL,
AuthorizationEndpoint: authorizeURL,
TokenEndpoint: tokenURL,
ScopesSupported: []string{ // Note: this list is incomplete, which is allowed per the draft spec
scope.UserFull,
scope.UserInfo,
scope.UserAccessCheck,
scope.UserListScopedProjects,
scope.UserListAllProjects,
},
ResponseTypesSupported: config.AllowedAuthorizeTypes,
GrantTypesSupported: osin.AllowedAccessType{osin.AUTHORIZATION_CODE, osin.AccessRequestType("implicit")}, // TODO use config.AllowedAccessTypes once our implementation handles other grant types
CodeChallengeMethodsSupported: validation.CodeChallengeMethodsSupported,
}
}
func init() {
sc := osin.NewServerConfig()
sc.AllowedAuthorizeTypes = osin.AllowedAuthorizeType{
osin.CODE,
osin.TOKEN,
}
sc.AllowedAccessTypes = osin.AllowedAccessType{
osin.AUTHORIZATION_CODE,
osin.REFRESH_TOKEN,
osin.ASSERTION,
osin.PASSWORD,
osin.AccessRequestType("saml2-grant"),
}
ts = NewRedisStore()
server = osin.NewServer(sc, ts)
}