lemonldap-ng/lemonldap-ng-portal/example/openid-configuration.pl

#!/usr/bin/perl
use Lemonldap::NG::Portal::SharedConf;
use JSON;
use strict;
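# Build the OpenID Connect discovery document (provider metadata) from the
# portal configuration. Relying parties consume this document automatically,
# so every value published here must describe what the provider really does.
my $portal = Lemonldap::NG::Portal::SharedConf->new();

# Raw settings, read directly from the portal object.
my $issuerDBOpenIDConnectPath = $portal->{issuerDBOpenIDConnectPath};
my $issuer                    = $portal->{oidcServiceMetaDataIssuer};
my $authorize_uri             = $portal->{oidcServiceMetaDataAuthorizeURI};
my $token_uri                 = $portal->{oidcServiceMetaDataTokenURI};
my $userinfo_uri              = $portal->{oidcServiceMetaDataUserInfoURI};

# Fail closed: a discovery document with an empty issuer or endpoints built
# from a missing path segment would be published as if it were valid.
die "oidcServiceMetaDataIssuer is not set\n"
  unless defined $issuer and length $issuer;

# The path segment is the first run of word characters in the configured
# issuerDBOpenIDConnectPath value.
my ($path) =
  ( ( defined $issuerDBOpenIDConnectPath ? $issuerDBOpenIDConnectPath : '' )
    =~ /(\w+)/ );
die "issuerDBOpenIDConnectPath does not contain a usable path segment\n"
  unless defined $path;

# Join issuer and path with exactly one "/". The original concatenation
# produced "https://hostpath/..." whenever the issuer had no trailing slash.
my $endpoint_base = $issuer;
$endpoint_base .= "/" unless $endpoint_base =~ m{/\z};
$endpoint_base .= $path . "/";

# Create OpenID configuration hash
my $configuration = {};

# Published unchanged: relying parties compare it with the "iss" claim of the
# ID Tokens they receive, so it must not be normalised here.
$configuration->{issuer} = $issuer;

$configuration->{authorization_endpoint} = $endpoint_base . $authorize_uri;
$configuration->{token_endpoint}         = $endpoint_base . $token_uri;
$configuration->{userinfo_endpoint}      = $endpoint_base . $userinfo_uri;

# MANDATORY # $configuration->{jwks_uri}
# NOTE(review): until jwks_uri is published, a relying party that depends on
# discovery has no advertised location for the keys needed to verify the RS*
# signed ID Tokens listed in this document.
# RECOMMENDED # $configuration->{registration_endpoint}

$configuration->{scopes_supported} = [qw/openid profile email address phone/];
$configuration->{response_types_supported} = [
    "code",
    "id_token",
    "id_token token",
    "code id_token",
    "code token",
    "code id_token token"
];

# $configuration->{response_modes_supported}

# "hybrid" is a flow, not an OAuth 2.0 grant type: the hybrid response types
# above are served by the authorization_code and implicit grants, so only
# those two are advertised.
$configuration->{grant_types_supported} = [qw/authorization_code implicit/];

# $configuration->{acr_values_supported}
$configuration->{subject_types_supported} = ["public"];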
# Signing algorithms advertised for ID Tokens.
# NOTE(review): "none" advertises unsigned ID Tokens, which carry no integrity
# protection. OpenID Connect only allows it when no ID Token is returned from
# the authorization endpoint and the client explicitly registered for it; this
# file also advertises implicit and hybrid response types. Confirm the provider
# never issues alg=none outside that case, otherwise drop it from this list.
$configuration->{id_token_signing_alg_values_supported} =
  [ 'none', 'RS256', 'RS384', 'RS512' ];

# Optional encryption / request-object metadata, not published by this example.
# $configuration->{id_token_encryption_alg_values_supported}
# $configuration->{id_token_encryption_enc_values_supported}
# $configuration->{userinfo_encryption_alg_values_supported}
# $configuration->{userinfo_encryption_enc_values_supported}
# $configuration->{request_object_signing_alg_values_supported}
# $configuration->{request_object_encryption_alg_values_supported}
# $configuration->{request_object_encryption_enc_values_supported}

# Client authentication at the token endpoint. Both methods send the shared
# client secret with every token request, so they depend on TLS to the token
# endpoint for confidentiality.
$configuration->{token_endpoint_auth_methods_supported} =
  [ 'client_secret_post', 'client_secret_basic' ];

# Remaining optional metadata, not published by this example.
# $configuration->{token_endpoint_auth_signing_alg_values_supported}
# $configuration->{display_values_supported}
# $configuration->{claim_types_supported}
# RECOMMENDED # $configuration->{claims_supported}
# $configuration->{service_documentation}
# $configuration->{claims_locales_supported}
# $configuration->{ui_locales_supported}
# $configuration->{claims_parameter_supported}
# $configuration->{request_parameter_supported}
# $configuration->{request_uri_parameter_supported}
# $configuration->{require_request_uri_registration}
# $configuration->{op_policy_uri}
# $configuration->{op_tos_uri}
# Serialise the metadata first, so a serialisation failure aborts the script
# before anything has been written to the client.
my $body = encode_json($configuration);

# Emit the HTTP header produced by the portal object, then the JSON document.
print $portal->header('application/json; charset=utf-8'), $body;