OneAuth/cfg/cfg.go

//
// cfg.go
// Copyright (C) 2024 veypi <i@veypi.com>
// 2025-03-04 16:08:06
// Distributed under terms of the MIT license.
//

package cfg

import (
	"time"

	"github.com/veypi/vigo/contrib/config"
)

type Options struct {
	DSN   string `json:"dsn"` // Data Source Name
	DB    string `json:"db"`  // DB type: mysql, postgres, sqlite
	Redis config.Redis
	Key   config.Key `json:"key"`
	SMS   *SMSConfig `json:"sms"`

	// JWT配置
	JWT JWTConfig `json:"jwt"`

	// 应用配置
	App AppConfig `json:"app"`

	// 安全配置
	Security SecurityConfig `json:"security"`

	// OAuth配置
	OAuth OAuthConfig `json:"oauth"`

	// OAuth提供商配置
	Providers OAuthProvidersConfig `json:"providers"`
}

type JWTConfig struct {
	Secret        string        `json:"secret"`
	AccessExpiry  time.Duration `json:"access_expiry"`
	RefreshExpiry time.Duration `json:"refresh_expiry"`
	Issuer        string        `json:"issuer"`
}

type AppConfig struct {
	ID        string          `json:"id"`
	Name      string          `json:"name"`
	InitAdmin InitAdminConfig `json:"init_admin"`
}

type InitAdminConfig struct {
	Username string `json:"username"`
	Password string `json:"password"`
	Email    string `json:"email"`
}

type SecurityConfig struct {
	BcryptCost       int  `json:"bcrypt_cost"`
	MaxLoginAttempts int  `json:"max_login_attempts"`
	CaptchaEnabled   bool `json:"captcha_enabled"`
}

type OAuthConfig struct {
	AuthorizationExpiry time.Duration `json:"authorization_expiry"`
	AccessExpiry        time.Duration `json:"access_expiry"`
	RefreshExpiry       time.Duration `json:"refresh_expiry"`
}

type OAuthProviderConfig struct {
	Enabled      bool     `json:"enabled"`
	ClientID     string   `json:"client_id"`
	ClientSecret string   `json:"client_secret"`
	AuthURL      string   `json:"auth_url"`
	TokenURL     string   `json:"token_url"`
	UserInfoURL  string   `json:"user_info_url"`
	Scopes       []string `json:"scopes"`
}

type OAuthProvidersConfig struct {
	Google OAuthProviderConfig `json:"google"`
	GitHub OAuthProviderConfig `json:"github"`
	WeChat OAuthProviderConfig `json:"wechat"`
}

var Config = &Options{
	DB:  "mysql",
	DSN: "root:123456@tcp(127.0.0.1:3306)/vbase?charset=utf8&parseTime=True&loc=Local",
	SMS: defaultSMS(),
	JWT: JWTConfig{
		Secret:        "your-secret-key-change-in-production-min-32-characters",
		AccessExpiry:  time.Hour,
		RefreshExpiry: 30 * 24 * time.Hour,
		Issuer:        "vbase",
	},
	App: AppConfig{
		ID:   "vbase",
		Name: "VBase IAM",
		InitAdmin: InitAdminConfig{
			Username: "admin",
			Password: "",
			Email:    "admin@example.com",
		},
	},
	Security: SecurityConfig{
		BcryptCost:       12,
		MaxLoginAttempts: 5,
		CaptchaEnabled:   true,
	},
	OAuth: OAuthConfig{
		AuthorizationExpiry: 10 * time.Minute,
		AccessExpiry:        time.Hour,
		RefreshExpiry:       30 * 24 * time.Hour,
	},
	Providers: OAuthProvidersConfig{
		Google: OAuthProviderConfig{
			Enabled:      false,
			ClientID:     "",
			ClientSecret: "",
			AuthURL:      "https://accounts.google.com/o/oauth2/v2/auth",
			TokenURL:     "https://oauth2.googleapis.com/token",
			UserInfoURL:  "https://openidconnect.googleapis.com/v1/userinfo",
			Scopes:       []string{"openid", "email", "profile"},
		},
		GitHub: OAuthProviderConfig{
			Enabled:      false,
			ClientID:     "",
			ClientSecret: "",
			AuthURL:      "https://github.com/login/oauth/authorize",
			TokenURL:     "https://github.com/login/oauth/access_token",
			UserInfoURL:  "https://api.github.com/user",
			Scopes:       []string{"user:email", "read:user"},
		},
		WeChat: OAuthProviderConfig{
			Enabled:      false,
			ClientID:     "",
			ClientSecret: "",
			AuthURL:      "https://open.weixin.qq.com/connect/qrconnect",
			TokenURL:     "https://api.weixin.qq.com/sns/oauth2/access_token",
			UserInfoURL:  "https://api.weixin.qq.com/sns/userinfo",
			Scopes:       []string{"snsapi_login"},
		},
	},
}