package config
import (
"fmt"
"golang.org/x/oauth2"
)
// OAuthConfig holds the OAuth2 settings used for KorAP authentication.
// Every field is populated from the YAML key named in its struct tag.
type OAuthConfig struct {
	// ClientID identifies this client to the OAuth2 server.
	ClientID string `yaml:"client_id"`

	// ClientSecret is the OAuth2 client secret. It is a credential: restrict
	// read access to the file it is loaded from, and avoid printing this
	// struct with %v or %+v, which would put the secret into logs.
	ClientSecret string `yaml:"client_secret"`

	// AuthURL is the URL of the authorization endpoint.
	AuthURL string `yaml:"auth_url"`

	// TokenURL is the URL of the token endpoint.
	TokenURL string `yaml:"token_url"`

	// RedirectURL is the callback URL used by the authorization code flow.
	RedirectURL string `yaml:"redirect_url"`

	// Scopes lists the OAuth2 scopes to request.
	Scopes []string `yaml:"scopes"`

	// Enabled switches OAuth2 authentication on or off.
	Enabled bool `yaml:"enabled"`
}
// DefaultOAuthConfig returns the built-in OAuth2 defaults.
//
// The endpoints point at the KorAP API on korap.ids-mannheim.de, the redirect
// is the out-of-band URN, and the only requested scope is "read".
// Authentication is disabled, and ClientID and ClientSecret are left empty,
// so no credential is ever shipped as a default.
func DefaultOAuthConfig() *OAuthConfig {
	defaults := new(OAuthConfig)

	defaults.AuthURL = "https://korap.ids-mannheim.de/api/v1.0/oauth2/authorize"
	defaults.TokenURL = "https://korap.ids-mannheim.de/api/v1.0/oauth2/token"
	defaults.RedirectURL = "urn:ietf:wg:oauth:2.0:oob"
	defaults.Scopes = []string{"read"}
	// Stated explicitly even though false is the zero value: OAuth2 is opt-in.
	defaults.Enabled = false

	return defaults
}
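// ToOAuth2Config converts the configuration into a golang.org/x/oauth2 Config.
//
// It returns nil when the receiver is nil or when OAuth2 is disabled, so
// callers must check the result before using it. The returned value carries
// ClientSecret in clear text and shares the Scopes slice with the receiver;
// keep it out of logs and error messages.
func (c *OAuthConfig) ToOAuth2Config() *oauth2.Config {
	// A nil receiver is treated like a disabled configuration instead of
	// panicking on the field accesses below.
	if c == nil || !c.Enabled {
		return nil
	}

	endpoint := oauth2.Endpoint{
		AuthURL:  c.AuthURL,
		TokenURL: c.TokenURL,
	}
	return &oauth2.Config{
		ClientID:     c.ClientID,
		ClientSecret: c.ClientSecret,
		Endpoint:     endpoint,
		RedirectURL:  c.RedirectURL,
		Scopes:       c.Scopes,
	}
}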
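// Validate reports whether the OAuth2 configuration is usable.
//
// A nil receiver or a configuration with Enabled set to false is accepted
// without further checks. Otherwise client_id, client_secret and token_url
// must all be non-empty; the first missing one is reported as an error.
//
// NOTE(review): only presence is checked. The URL values are not parsed and
// their scheme is not inspected. The client secret is presented to the token
// endpoint, so a plain http:// token_url would expose it in transit; consider
// rejecting non-HTTPS URLs here or where the file is loaded.
func (c *OAuthConfig) Validate() error {
	// Treat a nil receiver like a disabled configuration instead of
	// panicking on c.Enabled.
	if c == nil || !c.Enabled {
		return nil
	}

	switch {
	case c.ClientID == "":
		return fmt.Errorf("oauth2 client_id is required when authentication is enabled")
	case c.ClientSecret == "":
		return fmt.Errorf("oauth2 client_secret is required when authentication is enabled")
	case c.TokenURL == "":
		return fmt.Errorf("oauth2 token_url is required when authentication is enabled")
	}

	// AuthURL is deliberately not required: it is only needed for the
	// authorization code flow, not for client credentials.
	return nil
}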