feat: api key authentication (#291)

Co-authored-by: Elias Schneider <login@eliasschneider.com>
2026-02-10 19:34:18 +00:00 · 2025-03-11 14:16:42 -05:00
parent 74ba8390f4
commit 62915d863a
58 changed files with 2172 additions and 190 deletions
--- a/backend/internal/controller/well_known_controller.go
+++ b/backend/internal/controller/well_known_controller.go
@@ -8,6 +8,10 @@ import (
 	"github.com/pocket-id/pocket-id/backend/internal/service"
 )

+// NewWellKnownController creates a new controller for OIDC discovery endpoints
+// @Summary OIDC Discovery controller
+// @Description Initializes OIDC discovery and JWKS endpoints
+// @Tags Well Known
 func NewWellKnownController(group *gin.RouterGroup, jwtService *service.JwtService) {
 	wkc := &WellKnownController{jwtService: jwtService}
 	group.GET("/.well-known/jwks.json", wkc.jwksHandler)
@@ -18,6 +22,13 @@ type WellKnownController struct {
 	jwtService *service.JwtService
 }

+// jwksHandler godoc
+// @Summary Get JSON Web Key Set (JWKS)
+// @Description Returns the JSON Web Key Set used for token verification
+// @Tags Well Known
+// @Produce json
+// @Success 200 {object} object "{ \"keys\": []interface{} }"
+// @Router /.well-known/jwks.json [get]
 func (wkc *WellKnownController) jwksHandler(c *gin.Context) {
 	jwk, err := wkc.jwtService.GetJWK()
 	if err != nil {
@@ -28,6 +39,12 @@ func (wkc *WellKnownController) jwksHandler(c *gin.Context) {
 	c.JSON(http.StatusOK, gin.H{"keys": []interface{}{jwk}})
 }

+// openIDConfigurationHandler godoc
+// @Summary Get OpenID Connect discovery configuration
+// @Description Returns the OpenID Connect discovery document with endpoints and capabilities
+// @Tags Well Known
+// @Success 200 {object} object "OpenID Connect configuration"
+// @Router /.well-known/openid-configuration [get]
 func (wkc *WellKnownController) openIDConfigurationHandler(c *gin.Context) {
 	appUrl := common.EnvConfig.AppURL
 	config := map[string]interface{}{