mirror of
https://github.com/wso2/open-mcp-auth-proxy.git
synced 2025-07-08 21:20:45 +00:00
Refactor proxy builder
parent
85e5fe1c1d
commit
331cc281c6
5 changed files with 200 additions and 35 deletions
|
@ -336,3 +336,23 @@ func randomString(n int) string {
|
|||
}
|
||||
return string(b)
|
||||
}
|
||||
|
||||
func (p *asgardeoProvider) ProtectedResourceMetadataHandler() http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
meta := map[string]interface{}{
|
||||
"resource": p.cfg.ResourceIdentifier,
|
||||
"scopes_supported": p.cfg.ScopesSupported,
|
||||
"authorization_servers": p.cfg.AuthorizationServers,
|
||||
}
|
||||
if p.cfg.JwksURI != "" {
|
||||
meta["jwks_uri"] = p.cfg.JwksURI
|
||||
}
|
||||
if len(p.cfg.BearerMethodsSupported) > 0 {
|
||||
meta["bearer_methods_supported"] = p.cfg.BearerMethodsSupported
|
||||
}
|
||||
if err := json.NewEncoder(w).Encode(meta); err != nil {
|
||||
http.Error(w, "failed to encode metadata", http.StatusInternalServerError)
|
||||
}
|
||||
}
|
||||
}
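Review bot: In `ProtectedResourceMetadataHandler`, `json.NewEncoder(w).Encode(meta)` streams straight into the response, so by the time it returns an error the 200 status (and possibly part of the body) has already been sent and the following `http.Error(...)` can no longer produce a 500. Encoding before writing avoids that: `body, err := json.Marshal(meta)`, call `http.Error` and return on that error, then set the header and `w.Write(body)`. Separately, `scopes_supported` and `authorization_servers` are emitted unconditionally, so if those config fields are unset slices they would be published as `null`. Clients rely on this document to locate the authorization server, so either omit empty fields the way `jwks_uri` is handled or reject an empty `AuthorizationServers` when the config is loaded.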
|
||||
|
|
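--- a/internal/authz/default_policy_engine.go
+++ b/internal/authz/default_policy_engine.go
@@ -0,0 +1,20 @@
+package authz
+
+import (
+"net/http"
+)
+
+type TokenClaims struct {
+Scopes []string
+}
+
+type DefaulPolicyEngine struct{}
+
+func (d *DefaulPolicyEngine) Evaluate(r *http.Request, claims *TokenClaims, requiredScope string) PolicyResult {
+for _, scope := range claims.Scopes {
+if scope == requiredScope {
+return PolicyResult{DecisionAllow, ""}
+}
+}
+return PolicyResult{DecisionDeny, "missing scope '" + requiredScope + "'"}
+}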
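Review bot: `Evaluate` dereferences `claims` in `for _, scope := range claims.Scopes` without a nil check, so a caller that passes nil claims (for example when no claims were extracted from the token) panics inside the authorization path instead of receiving a deny. A guard at the top, `if claims == nil { return PolicyResult{DecisionDeny, "missing token claims"} }`, makes the engine fail closed explicitly. The meaning of an empty `requiredScope` should also be decided and documented: as written it is granted only when `claims.Scopes` contains an empty entry, which a naive split of an absent scope claim could produce; whether that happens depends on the caller, which is not shown here. The new exported type is spelled `DefaulPolicyEngine`; renaming it to `DefaultPolicyEngine` in this commit avoids carrying the typo into the package API.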