server/api/well-known/openid-configuration/index.ts

import { describeRoute } from "hono-openapi";
import { resolver } from "hono-openapi/zod";
import { z } from "zod";
import { apiRoute } from "@/api";
import { config } from "~/config.ts";

export default apiRoute((app) =>
    app.get(
        "/.well-known/openid-configuration",
        describeRoute({
            summary: "OpenID Configuration",
            tags: ["OpenID"],
            responses: {
                200: {
                    description: "OpenID Configuration",
                    content: {
                        "application/json": {
                            schema: resolver(
                                z.object({
                                    issuer: z.string(),
                                    authorization_endpoint: z.string(),
                                    token_endpoint: z.string(),
                                    userinfo_endpoint: z.string(),
                                    jwks_uri: z.string(),
                                    response_types_supported: z.array(
                                        z.string(),
                                    ),
                                    subject_types_supported: z.array(
                                        z.string(),
                                    ),
                                    id_token_signing_alg_values_supported:
                                        z.array(z.string()),
                                    scopes_supported: z.array(z.string()),
                                    token_endpoint_auth_methods_supported:
                                        z.array(z.string()),
                                    claims_supported: z.array(z.string()),
                                }),
                            ),
                        },
                    },
                },
            },
        }),
        (context) => {
            const baseUrl = config.http.base_url;
            return context.json(
                {
                    issuer: baseUrl.origin.toString(),
                    authorization_endpoint: `${baseUrl.origin}/oauth/authorize`,
                    token_endpoint: `${baseUrl.origin}/oauth/token`,
                    userinfo_endpoint: `${baseUrl.origin}/api/v1/accounts/verify_credentials`,
                    jwks_uri: `${baseUrl.origin}/.well-known/jwks`,
                    response_types_supported: ["code"],
                    subject_types_supported: ["public"],
                    id_token_signing_alg_values_supported: ["EdDSA"],
                    scopes_supported: ["openid", "profile", "email"],
                    token_endpoint_auth_methods_supported: [
                        "client_secret_basic",
                    ],
                    claims_supported: ["sub"],
                },
                200,
            );
        },
    ),
);
refactor(api): :recycle: Move from @hono/zod-openapi to hono-openapi hono-openapi is easier to work with and generates better OpenAPI definitions 2025-03-29 03:30:06 +01:00			`import { describeRoute } from "hono-openapi";`
			`import { resolver } from "hono-openapi/zod";`
			`import { z } from "zod";`
chore: :arrow_up: Upgrade to Biome 2.0 2025-04-10 19:15:31 +02:00			`import { apiRoute } from "@/api";`
refactor(config): :recycle: Redo config structure from scratch, simplify validation code, improve checks, add support for loading sensitive data from paths 2025-02-15 02:47:29 +01:00			`import { config } from "~/config.ts";`
feat(api): :sparkles: Make Lysand a full OAuth2/OpenID Connect provider as well as still Mastodon compatible 2024-04-18 10:42:12 +02:00
refactor(api): :recycle: Move from @hono/zod-openapi to hono-openapi hono-openapi is easier to work with and generates better OpenAPI definitions 2025-03-29 03:30:06 +01:00			`export default apiRoute((app) =>`
			`app.get(`
			`"/.well-known/openid-configuration",`
			`describeRoute({`
			`summary: "OpenID Configuration",`
			`tags: ["OpenID"],`
			`responses: {`
			`200: {`
			`description: "OpenID Configuration",`
			`content: {`
			`"application/json": {`
			`schema: resolver(`
			`z.object({`
			`issuer: z.string(),`
			`authorization_endpoint: z.string(),`
			`token_endpoint: z.string(),`
			`userinfo_endpoint: z.string(),`
			`jwks_uri: z.string(),`
			`response_types_supported: z.array(`
			`z.string(),`
			`),`
			`subject_types_supported: z.array(`
			`z.string(),`
			`),`
			`id_token_signing_alg_values_supported:`
			`z.array(z.string()),`
			`scopes_supported: z.array(z.string()),`
			`token_endpoint_auth_methods_supported:`
			`z.array(z.string()),`
			`claims_supported: z.array(z.string()),`
			`}),`
			`),`
			`},`
			`},`
refactor(api): :recycle: More OpenAPI refactoring work 2024-09-16 15:29:09 +02:00			`},`
			`},`
refactor(api): :recycle: Move from @hono/zod-openapi to hono-openapi hono-openapi is easier to work with and generates better OpenAPI definitions 2025-03-29 03:30:06 +01:00			`}),`
			`(context) => {`
			`const baseUrl = config.http.base_url;`
			`return context.json(`
			`{`
			`issuer: baseUrl.origin.toString(),`
			authorization_endpoint: `${baseUrl.origin}/oauth/authorize`,
			token_endpoint: `${baseUrl.origin}/oauth/token`,
			userinfo_endpoint: `${baseUrl.origin}/api/v1/accounts/verify_credentials`,
			jwks_uri: `${baseUrl.origin}/.well-known/jwks`,
			`response_types_supported: ["code"],`
			`subject_types_supported: ["public"],`
			`id_token_signing_alg_values_supported: ["EdDSA"],`
			`scopes_supported: ["openid", "profile", "email"],`
			`token_endpoint_auth_methods_supported: [`
			`"client_secret_basic",`
			`],`
			`claims_supported: ["sub"],`
			`},`
			`200,`
			`);`
refactor(api): :recycle: More OpenAPI refactoring work 2024-09-16 15:29:09 +02:00			`},`
refactor(api): :recycle: Move from @hono/zod-openapi to hono-openapi hono-openapi is easier to work with and generates better OpenAPI definitions 2025-03-29 03:30:06 +01:00			`),`
refactor: :recycle: Use a typed wrapper for all API endpoints 2024-08-19 20:06:38 +02:00			`);`