A community based topic aggregation platform built on atproto
1package oauth
2
3import (
4 "Coves/internal/atproto/oauth"
5 "encoding/json"
6 "log"
7 "net/http"
8
9 "github.com/lestrrat-go/jwx/v2/jwk"
10)
11
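// HandleJWKS serves the JSON Web Key Set (JWKS) that holds the public half of
// the OAuth client signing key.
// GET /oauth/jwks.json
//
// The private JWK is read from the OAUTH_PRIVATE_JWK environment variable on
// each request and only its derived public key is written to the response.
// Every failure is answered with a generic 500; nothing derived from the
// private key is echoed to the client or written to the log.
func HandleJWKS(w http.ResponseWriter, r *http.Request) {
	// Get private key from environment (supports base64 encoding)
	privateJWK, err := GetEnvBase64OrPlain("OAUTH_PRIVATE_JWK")
	if err != nil {
		log.Printf("JWKS: failed to read OAUTH_PRIVATE_JWK: %v", err)
		http.Error(w, "OAuth configuration error", http.StatusInternalServerError)
		return
	}
	if privateJWK == "" {
		log.Printf("JWKS: OAUTH_PRIVATE_JWK is not set")
		http.Error(w, "OAuth not configured", http.StatusInternalServerError)
		return
	}

	// Parse private key
	privateKey, err := oauth.ParseJWKFromJSON([]byte(privateJWK))
	if err != nil {
		// The parser error is deliberately not logged: decoder errors can
		// quote fragments of their input, and the input here is key material.
		log.Printf("JWKS: OAUTH_PRIVATE_JWK could not be parsed as a JWK")
		http.Error(w, "Failed to parse private key", http.StatusInternalServerError)
		return
	}

	// Get public key
	publicKey, err := privateKey.PublicKey()
	if err != nil {
		log.Printf("JWKS: failed to derive public key from OAUTH_PRIVATE_JWK")
		http.Error(w, "Failed to get public key", http.StatusInternalServerError)
		return
	}

	// Defense in depth: never publish secret material on a public endpoint.
	// NOTE(review): a symmetric ("oct") JWK has no public form, and jwx is
	// understood to hand back the key itself in that case - confirm against
	// the pinned jwx version and against what ParseJWKFromJSON accepts.
	var candidate jwk.Key = publicKey
	switch candidate.(type) {
	case jwk.RSAPrivateKey, jwk.ECDSAPrivateKey, jwk.OKPPrivateKey, jwk.SymmetricKey:
		log.Printf("JWKS: refusing to serve a key that is not a public key")
		http.Error(w, "Failed to get public key", http.StatusInternalServerError)
		return
	}

	// Create JWKS
	jwks := jwk.NewSet()
	if err := jwks.AddKey(candidate); err != nil {
		log.Printf("JWKS: failed to add public key to key set: %v", err)
		http.Error(w, "Failed to create JWKS", http.StatusInternalServerError)
		return
	}

	// Serialize before touching the response so that an encoding failure
	// yields a clean 500 instead of a 200 with a truncated body.
	body, err := json.Marshal(jwks)
	if err != nil {
		log.Printf("Failed to encode JWKS response: %v", err)
		http.Error(w, "Failed to create JWKS", http.StatusInternalServerError)
		return
	}

	// Serve JWKS. The trailing newline matches what json.Encoder emits.
	w.Header().Set("Content-Type", "application/json")
	w.WriteHeader(http.StatusOK)
	if _, err := w.Write(append(body, '\n')); err != nil {
		log.Printf("Failed to write JWKS response: %v", err)
	}
}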