FetchCustomOAuthDiscovery fetches OIDC discovery document via backend (root-only route)
(c *gin.Context)
| 140 | |
| 141 | // FetchCustomOAuthDiscovery fetches OIDC discovery document via backend (root-only route) |
| 142 | func FetchCustomOAuthDiscovery(c *gin.Context) { |
| 143 | var req FetchCustomOAuthDiscoveryRequest |
| 144 | if err := c.ShouldBindJSON(&req); err != nil { |
| 145 | common.ApiErrorMsg(c, "无效的请求参数: "+err.Error()) |
| 146 | return |
| 147 | } |
| 148 | |
| 149 | wellKnownURL := strings.TrimSpace(req.WellKnownURL) |
| 150 | issuerURL := strings.TrimSpace(req.IssuerURL) |
| 151 | |
| 152 | if wellKnownURL == "" && issuerURL == "" { |
| 153 | common.ApiErrorMsg(c, "请先填写 Discovery URL 或 Issuer URL") |
| 154 | return |
| 155 | } |
| 156 | |
| 157 | targetURL := wellKnownURL |
| 158 | if targetURL == "" { |
| 159 | targetURL = strings.TrimRight(issuerURL, "/") + "/.well-known/openid-configuration" |
| 160 | } |
| 161 | targetURL = strings.TrimSpace(targetURL) |
| 162 | |
| 163 | parsedURL, err := url.Parse(targetURL) |
| 164 | if err != nil || parsedURL.Host == "" || (parsedURL.Scheme != "http" && parsedURL.Scheme != "https") { |
| 165 | common.ApiErrorMsg(c, "Discovery URL 无效,仅支持 http/https") |
| 166 | return |
| 167 | } |
| 168 | |
| 169 | ctx, cancel := context.WithTimeout(c.Request.Context(), 20*time.Second) |
| 170 | defer cancel() |
| 171 | |
| 172 | httpReq, err := http.NewRequestWithContext(ctx, http.MethodGet, targetURL, nil) |
| 173 | if err != nil { |
| 174 | common.ApiErrorMsg(c, "创建 Discovery 请求失败: "+err.Error()) |
| 175 | return |
| 176 | } |
| 177 | httpReq.Header.Set("Accept", "application/json") |
| 178 | |
| 179 | client := &http.Client{Timeout: 20 * time.Second} |
| 180 | resp, err := client.Do(httpReq) |
| 181 | if err != nil { |
| 182 | common.ApiErrorMsg(c, "获取 Discovery 配置失败: "+err.Error()) |
| 183 | return |
| 184 | } |
| 185 | defer resp.Body.Close() |
| 186 | |
| 187 | if resp.StatusCode != http.StatusOK { |
| 188 | body, _ := io.ReadAll(io.LimitReader(resp.Body, 512)) |
| 189 | message := strings.TrimSpace(string(body)) |
| 190 | if message == "" { |
| 191 | message = resp.Status |
| 192 | } |
| 193 | common.ApiErrorMsg(c, "获取 Discovery 配置失败: "+message) |
| 194 | return |
| 195 | } |
| 196 | |
| 197 | var discovery map[string]any |
| 198 | if err = common.DecodeJson(resp.Body, &discovery); err != nil { |
| 199 | common.ApiErrorMsg(c, "解析 Discovery 配置失败: "+err.Error()) |
nothing calls this directly
no test coverage detected