#73 begin implement keycloak

utils/auth.go

@@ -1,9 +1,65 @@
 package utils
 
-// import (
-// 	"context"
-// 	"log"
-// )
+import (
+	"encoding/json"
+	"errors"
+	"io"
+	"log"
+	"net/http"
+	"strings"
+
+	"github.com/golang-jwt/jwt/v5"
+)
+
+func InitializeAuth() {
+	resp, err := http.Get("https://auth.me-fit.eu/realms/me-fit/protocol/openid-connect/certs")
+	if err != nil {
+		log.Fatalf("error getting certs: %v\n", err)
+	}
+
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		log.Fatalf("error reading body: %v\n", err)
+	}
+
+	var certs map[string]interface{}
+
+	err = json.Unmarshal(body, &certs)
+	if err != nil {
+		log.Fatalf("error unmarshalling certs: %v\n", err)
+	}
+
+	log.Println("initialized auth", certs["keys"].([]interface{})[0].(map[string]interface{})["kid"])
+}
+
+func keyFunc() jwt.Keyfunc {
+	return func(token *jwt.Token) (interface{}, error) {
+		return []byte("secret"), nil
+	}
+}
+
+func isAuthorized(r *http.Request) (*jwt.Token, error) {
+	auth := r.Header.Get("Authorization")
+	if auth == "" {
+		return nil, errors.New("no authorization header")
+	}
+
+	tokenStr := strings.Split(auth, " ")[1]
+	if tokenStr == "" {
+		return nil, errors.New("no authorization header")
+	}
+
+	token, err := jwt.Parse(tokenStr, keyFunc(), nil)
+	if err != nil {
+		return nil, errors.New("no authorization header")
+	}
+
+	if !token.Valid {
+		return nil, errors.New("no authorization header")
+	}
+
+	return token, nil
+}
 
 // func VerifyToken(token string) (*auth.Token, error) {
 // 	if app == nil {