From 84377b37e845c482ccdde294a9a813e342d1ab2e Mon Sep 17 00:00:00 2001
From: Tristan Cartledge <tristan@speakeasyapi.dev>
Date: Thu, 29 Aug 2024 13:50:00 +0100
Subject: [PATCH] feat: add support for custom security schemes

---
 cmd/server/main.go       |  1 +
 internal/auth/service.go | 20 ++++++++++++++++++++
 2 files changed, 21 insertions(+)

diff --git a/cmd/server/main.go b/cmd/server/main.go
index 95f949a..db70cfa 100644
--- a/cmd/server/main.go
+++ b/cmd/server/main.go
@@ -32,6 +32,7 @@ func main() {
 		_, _ = w.Write([]byte("pong"))
 	}).Methods(http.MethodGet)
 	r.HandleFunc("/auth", auth.HandleAuth).Methods(http.MethodPost)
+	r.HandleFunc("/auth/customsecurity/{customSchemeType}", auth.HandleCustomAuth).Methods(http.MethodGet)
 	r.HandleFunc("/requestbody", requestbody.HandleRequestBody).Methods(http.MethodPost)
 	r.HandleFunc("/vendorjson", responseHeaders.HandleVendorJsonResponseHeaders).Methods(http.MethodGet)
 	r.HandleFunc("/pagination/limitoffset/page", pagination.HandleLimitOffsetPage).Methods(http.MethodGet, http.MethodPut)
diff --git a/internal/auth/service.go b/internal/auth/service.go
index 57e2d79..42b8410 100644
--- a/internal/auth/service.go
+++ b/internal/auth/service.go
@@ -2,6 +2,7 @@ package auth
 
 import (
 	"encoding/json"
+	"fmt"
 	"io"
 	"net/http"
 
@@ -28,3 +29,22 @@ func HandleAuth(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 }
+
+func HandleCustomAuth(w http.ResponseWriter, r *http.Request) {
+	switch r.URL.Path {
+	case "/auth/customsecurity/customSchemeAppId":
+		appID := r.Header.Get("X-Security-App-Id")
+		if appID != "testAppID" {
+			utils.HandleError(w, fmt.Errorf("invalid app id: %w", authError))
+			return
+		}
+		secret := r.Header.Get("X-Security-Secret")
+		if secret != "testSecret" {
+			utils.HandleError(w, fmt.Errorf("invalid secret: %w", authError))
+			return
+		}
+	default:
+		utils.HandleError(w, fmt.Errorf("invalid path"))
+		return
+	}
+}