Add support for Starship CoreID login (#9)

config/auth.config.js

@@ -98,6 +98,76 @@ const auth_config = {
             },
         },
 
+        starship_oauth: {
+            type: 'Oauth2Provider',
+            enable: env('AUTH_COREID_ENABLE', false),
+
+            source_name: env('AUTH_COREID_SOURCE_NAME', 'Starship CoreID'),
+            source_client_id: env('AUTH_COREID_CLIENT_ID'),
+            source_client_secret: env('AUTH_COREID_CLIENT_SECRET'),
+
+            // Login page destination where the user will be redirected to on login
+            // %c will be interpolated with the client id
+            // %r will be interpolated with the redirect callback url
+            //  NOTE: This url is the same as the login page - /auth/oauth2/login
+            source_login_page: env('AUTH_COREID_LOGIN_REDIRECT', 'https://coreid.garrettmills.dev/auth/service/oauth2/authorize?client_id=%c&redirect_uri=%r'),
+
+            // Information about the OAuth2 Callback
+            callback: {
+                // URL query parameter name with the authorization_code token
+                // e.g. ?code=XXXXXXXXXX
+                token_key: 'code',
+            },
+
+            // Information about the endpoint flitter-auth will use to redeem
+            // the authorization_code token for a bearer token
+            source_token: {
+                endpoint: 'https://coreid.garrettmills.dev/auth/service/oauth2/redeem',
+
+                // Field name where the authorization_code token will be specified in the request
+                token_key: 'code',
+
+                // Field name for the client id
+                client_id_key: 'client_id',
+
+                // Field name for the client secret
+                client_secret_key: 'client_secret',
+
+                // Field name for the grant_type ('authorization_type')
+                grant_type_key: 'grant_type',
+
+                // Field name where the bearer token will be specified in the response
+                response_token_key: 'access_token',
+            },
+
+            // Information about the endpoint flitter-auth will use to get
+            // user information after it retrieves a bearer token
+            user_data: {
+                endpoint: 'https://coreid.garrettmills.dev/api/v1/auth/users/me',
+                method: 'get', // 'get' or 'post' only
+
+                // In the response data, what key is the user data in?
+                // e.g. if 'data', then {'data': { ... }}
+                // Set falsy to assume the data exists in the root: { ... }
+                data_root: 'data',
+
+                // Value that prefixes the token in the 'Authorization: ' header.
+                // e.g. 'token ' would mean 'token a0fw93ja0w93ja093wj'
+                //      'Bearer ' would be 'Bearer 0329j0239dj209j3209jd'
+                // token_prefix: 'token ',
+
+                // Mapping of user model attributes to OAuth2 return data from the endpoint
+                // Note that uuid is not allowed, and uid is required
+                attributes: {
+                    uid: 'username',
+                    first_name: 'first_name',
+                    last_name: 'last_name',
+                    email: 'email',
+                    roles: 'group_ids',
+                },
+            },
+        },
+
         github_oauth: {
             type: 'Oauth2Provider',
             enable: env('AUTH_OAUTH2_ENABLE', true),