knot2/server/oauth.go at sl/git-objects · tangled.org/core

tangled.org / core

Monorepo for Tangled tangled.org

core / knot2 / server / oauth.go

at sl/git-objects 1.1 kB view raw

 1package server
 2
 3import (
 4	"net/http"
 5
 6	atcrypto "github.com/bluesky-social/indigo/atproto/crypto"
 7	"github.com/bluesky-social/indigo/atproto/auth/oauth"
 8	"tangled.org/core/idresolver"
 9	"tangled.org/core/knot2/config"
10)
11
12func newAtClientApp(cfg *config.Config) *oauth.ClientApp {
13	idResolver := idresolver.DefaultResolver(cfg.PlcUrl)
14	scopes := []string{"atproto", "identity:*"}
15	var oauthConfig oauth.ClientConfig
16	if cfg.Dev {
17		oauthConfig = oauth.NewLocalhostConfig(
18			cfg.Uri()+"/oauth/callback",
19			scopes,
20		)
21	} else {
22		oauthConfig = oauth.NewPublicConfig(
23			cfg.Uri()+"/oauth/client-metadata.json",
24			cfg.Uri()+"/oauth/callback",
25			scopes,
26		)
27	}
28	priv, err := atcrypto.ParsePrivateMultibase(cfg.OAuth.ClientSecret)
29	if err != nil {
30		panic(err)
31	}
32	if err := oauthConfig.SetClientSecret(priv, cfg.OAuth.ClientKid); err != nil {
33		panic(err)
34	}
35	// we can just use in-memory auth store
36	clientApp := oauth.NewClientApp(&oauthConfig, oauth.NewMemStore())
37	clientApp.Dir = idResolver.Directory()
38	clientApp.Resolver.Client.Transport = http.DefaultTransport
39	return clientApp
40}