Refactor proxy builder

NipuniBhagya 2025-05-14 15:39:02 +05:30
parent 85e5fe1c1d
commit 331cc281c6
5 changed files with 200 additions and 35 deletions


@ -336,3 +336,23 @@ func randomString(n int) string {
}
return string(b)
}
func (p *asgardeoProvider) ProtectedResourceMetadataHandler() http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")
meta := map[string]interface{}{
"resource": p.cfg.ResourceIdentifier,
"scopes_supported": p.cfg.ScopesSupported,
"authorization_servers": p.cfg.AuthorizationServers,
}
if p.cfg.JwksURI != "" {
meta["jwks_uri"] = p.cfg.JwksURI
}
if len(p.cfg.BearerMethodsSupported) > 0 {
meta["bearer_methods_supported"] = p.cfg.BearerMethodsSupported
}
if err := json.NewEncoder(w).Encode(meta); err != nil {
http.Error(w, "failed to encode metadata", http.StatusInternalServerError)
}
}
}
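Review bot: `resource`, `scopes_supported` and `authorization_servers` are written into `meta` unconditionally, while `jwks_uri` and `bearer_methods_supported` are only added when set. If the config leaves them unset, the document would carry `"resource": ""` and, assuming the two list fields are slices, `null` in place of arrays, in the metadata clients read to learn which authorization servers this resource accepts. Guard the list fields the same way as `bearer_methods_supported`, e.g. `if len(p.cfg.AuthorizationServers) > 0 { meta["authorization_servers"] = p.cfg.AuthorizationServers }`, and reject an empty `ResourceIdentifier` when the config is loaded rather than serving it. Separately, the `http.Error` in the `Encode` error branch mostly fires when the write to the client has failed, at which point the status has already been sent; logging the error there would be more useful than attempting a second response.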


@ -0,0 +1,20 @@
package authz
import (
"net/http"
)
type TokenClaims struct {
Scopes []string
}
type DefaulPolicyEngine struct{}
func (d *DefaulPolicyEngine) Evaluate(r *http.Request, claims *TokenClaims, requiredScope string) PolicyResult {
for _, scope := range claims.Scopes {
if scope == requiredScope {
return PolicyResult{DecisionAllow, ""}
}
}
return PolicyResult{DecisionDeny, "missing scope '" + requiredScope + "'"}
}
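Review bot: `Evaluate` dereferences `claims` at `claims.Scopes` without a nil check, so a request that reaches the policy engine without parsed token claims panics instead of receiving a deny decision. An authorization decision point should fail closed explicitly; add `if claims == nil { return PolicyResult{DecisionDeny, "missing token claims"} }` at the top of the function. It is also worth deciding what an empty `requiredScope` means: as written it is allowed only when the token carries an empty-string scope, which could happen if a caller splits an absent scope claim, so rejecting or special-casing `""` would make the intent explicit. The exported name `DefaulPolicyEngine` looks like a typo for `DefaultPolicyEngine` and is cheaper to fix before other packages reference it; the exported types would also benefit from doc comments stating that the engine does exact, case-sensitive scope matching.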