Merge pull request #543 from USACE/develop

adamscarberry · web-flow · commit aae61a9e5b7e · 2025-04-08T18:11:45.000-04:00
Develop to Stable - identity endpoint
diff --git a/api/handlers/helpers.go b/api/handlers/helpers.go
@@ -2,6 +2,8 @@ package handlers
 
 import (
 	"errors"
+	"net/http"
+	"strings"
 
 	"github.com/USACE/cumulus-api/api/middleware"
 	"github.com/google/uuid"
@@ -15,3 +17,51 @@ func GetSub(c echo.Context) (*uuid.UUID, error) {
 	}
 	return userInfo.Sub, nil
 }
+
+// GetIdentityProviderConfiguration returns the Keycloak configuration based on the auth environment and realm
+func GetIdentityProviderConfiguration(authEnv string, c echo.Context) error {
+
+	// Convert the authEnv to lowercase to make the comparison case-insensitive
+	authEnv = strings.ToLower(authEnv)
+
+	// Set the base URL for Keycloak depending on the environment
+	var keycloakHost string
+	realm := "cwbi" // Set the realm as a variable
+
+	// Determine the Keycloak host based on the authEnv passed
+	switch authEnv {
+	// ----------------------------
+	// Satisfy local mocking
+	case "mock":
+		keycloakHost = "http://localhost"
+	// ----------------------------
+	// Castle Cloud auth servers
+	case "develop":
+		keycloakHost = "https://develop-auth.corps.cloud"
+		realm = "water"
+	case "stable":
+		keycloakHost = "https://auth.corps.cloud"
+		realm = "water"
+	// ----------------------------
+	// CWBI auth servers
+	case "dev":
+		keycloakHost = "https://identityc-test.cwbi.us"
+	case "test":
+		keycloakHost = "https://identityc-test.cwbi.us"
+	case "prod":
+		keycloakHost = "https://identityc.sec.usace.army.mil"
+	default:
+		return c.JSON(http.StatusBadRequest, map[string]string{
+			"error": "Invalid auth environment: " + authEnv,
+		})
+	}
+
+	// Prepare the configuration as a map of string keys and values
+	config := map[string]string{
+		"token_endpoint":      keycloakHost + "/auth/realms/" + realm + "/protocol/openid-connect/token",
+		"well_known_endpoint": keycloakHost + "/auth/realms/" + realm + "/.well-known/openid-configuration",
+	}
+
+	// Return the configuration as a JSON response
+	return c.JSON(http.StatusOK, config)
+}
diff --git a/api/main.go b/api/main.go
@@ -93,6 +93,11 @@ func main() {
 		})
 	})
 
+	// Identity Provider Configuration Route
+	public.GET("/identity-provider/configuration", func(c echo.Context) error {
+		return handlers.GetIdentityProviderConfiguration(cfg.AuthEnvironment, c)
+	})
+
 	// Proxy to pg_featureserv
 	features := public.Group("/features")
 	features.Use(middleware.PgFeatureservProxy(cfg.PgFeatureservUrl))
