Documentation
¶
Overview ¶
Package discovery implements the OIDC Discovery capability contributor plugin.
This plugin contributes algorithm-related fields (derived from KeyStore) and OP-level static fields (claims_supported, subject_types_supported, etc.) to the discovery document.
Capability declarations (grant_types, scopes, auth_methods, etc.) are contributed by their respective endpoint plugins. This ensures the discovery document automatically reflects which plugins are enabled: if the device plugin is not registered, device_code won't appear in grant_types_supported.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
// SubjectTypes overrides subject_types_supported.
// Default: ["public", "pairwise"]
SubjectTypes []string
// ExtraFields are additional key-value pairs merged into cfg.Extra.
ExtraFields map[string]any
}
Config holds optional overrides for the discovery document.
type Plugin ¶
type Plugin struct {
// contains filtered or unexported fields
}
Plugin is the Discovery contributor plugin. It provides algorithm fields (from KeyStore) and OP-level static fields. Endpoint URLs and capability declarations are contributed by their respective endpoint plugins.
func New ¶
New creates a new Discovery plugin. If keyStore is non-nil, the discovery document will include the signing algorithms declared by the key store (including GM/T algorithms).
func (*Plugin) Contribute ¶
func (p *Plugin) Contribute(ctx context.Context, cfg *protocol.DiscoveryConfiguration)
Contribute populates algorithm fields and OP-level static fields on cfg.
Algorithm fields are derived from KeyStore with RS256 as fallback. Capability declarations (grant_types, scopes, auth_methods, etc.) are NOT set here — each endpoint plugin contributes its own capabilities.