GetProtectedResourceMetadata returns an http.HandlerFunc that handles GET /.well-known/oauth-protected-resource
(accessURL *url.URL)
| 31 | |
| 32 | // GetProtectedResourceMetadata returns an http.HandlerFunc that handles GET /.well-known/oauth-protected-resource |
| 33 | func GetProtectedResourceMetadata(accessURL *url.URL) http.HandlerFunc { |
| 34 | return func(rw http.ResponseWriter, r *http.Request) { |
| 35 | ctx := r.Context() |
| 36 | metadata := codersdk.OAuth2ProtectedResourceMetadata{ |
| 37 | Resource: accessURL.String(), |
| 38 | AuthorizationServers: []string{accessURL.String()}, |
| 39 | ScopesSupported: rbac.ExternalScopeNames(), |
| 40 | // RFC 6750 Bearer Token methods supported as fallback methods in api key middleware |
| 41 | BearerMethodsSupported: []string{"header", "query"}, |
| 42 | } |
| 43 | httpapi.Write(ctx, rw, http.StatusOK, metadata) |
| 44 | } |
| 45 | } |
no test coverage detected