
tuwunel_api/oidc/
registration.rs

1use axum::{Json, extract::State, response::IntoResponse};
2use http::StatusCode;
3use serde_json::json;
4use tuwunel_core::{Err, Result, info};
5use tuwunel_service::oauth::server::DcrRequest;
6
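/// Handles an OIDC dynamic client registration request.
///
/// Rejects a request whose `redirect_uris` list is empty, passes the request
/// body to the OAuth server's `register_client`, and answers with
/// `201 Created` plus the registered client's metadata as JSON.
///
/// # Errors
///
/// Returns an error when `services.oauth.get_server()` fails, when
/// `redirect_uris` is empty (`InvalidParam`), or when `register_client`
/// fails.
///
/// # Security
///
/// The body is deserialized straight from the HTTP request and this handler
/// performs no authentication or rate limiting of its own; whether a layer
/// outside this function does is not visible here. Every metadata field
/// echoed back (`client_name`, `client_uri`, `logo_uri`, ...) should therefore
/// be treated as requester-chosen wherever it is later displayed or fetched.
pub(crate) async fn registration_route(
	State(services): State<crate::State>,
	Json(body): Json<DcrRequest>,
) -> Result<impl IntoResponse> {
	let oidc = services.oauth.get_server()?;

	// NOTE(review): only emptiness is checked here. Validation of each URI
	// (scheme, fragment, loopback rules) presumably lives in
	// `register_client` -- confirm, since redirect_uris decide where
	// authorization codes are delivered.
	if body.redirect_uris.is_empty() {
		return Err!(Request(InvalidParam("redirect_uris must not be empty")));
	}

	let reg = oidc.register_client(body).await?;

	// `client_name` is supplied by the requester. Debug formatting quotes it
	// and escapes control characters, so a name containing newlines cannot
	// forge additional log lines. `client_id` is presumably server-issued;
	// confirm against `register_client`.
	info!(
		"OIDC client registered: {} ({:?})",
		reg.client_id,
		reg.client_name.as_deref().unwrap_or("unnamed")
	);

	Ok((
		StatusCode::CREATED,
		Json(json!({
			"client_id": reg.client_id,
			"client_id_issued_at": reg.registered_at,
			"redirect_uris": reg.redirect_uris,
			"client_name": reg.client_name,
			"client_uri": reg.client_uri,
			"logo_uri": reg.logo_uri,
			"contacts": reg.contacts,
			"token_endpoint_auth_method": reg.token_endpoint_auth_method,
			"grant_types": reg.grant_types,
			"response_types": reg.response_types,
			"application_type": reg.application_type,
			"policy_uri": reg.policy_uri,
			"tos_uri": reg.tos_uri,
			"software_id": reg.software_id,
			"software_version": reg.software_version,
		})),
	))
}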
45}