feat: Create authorization

knockoutwhistweb/app/services/OpenIDConnectService.scala

@@ -19,7 +19,8 @@ case class OpenIDUserInfo(
   email: Option[String],
   name: Option[String],
   picture: Option[String],
-  provider: String
+  provider: String,
+  providerName: String
 )
 
 object OpenIDUserInfo {
@@ -51,7 +52,7 @@ class OpenIDConnectService@Inject(ws: WSClient, config: Configuration)(implicit
 
   private val providers = Map(
     "discord" -> OpenIDProvider(
-      name = "discord",
+      name = "Discord",
       clientId = config.get[String]("openid.discord.clientId"),
       clientSecret = config.get[String]("openid.discord.clientSecret"),
       redirectUri = config.get[String]("openid.discord.redirectUri"),
@@ -61,7 +62,7 @@ class OpenIDConnectService@Inject(ws: WSClient, config: Configuration)(implicit
       scopes = Set("identify", "email")
     ),
     "keycloak" -> OpenIDProvider(
-      name = "keycloak",
+      name = "Identity",
       clientId = config.get[String]("openid.keycloak.clientId"),
       clientSecret = config.get[String]("openid.keycloak.clientSecret"),
       redirectUri = config.get[String]("openid.keycloak.redirectUri"),
@@ -74,16 +75,30 @@ class OpenIDConnectService@Inject(ws: WSClient, config: Configuration)(implicit
 
   def getAuthorizationUrl(providerName: String, state: String, nonce: String): Option[String] = {
     providers.get(providerName).map { provider =>
-      val authRequest = new AuthenticationRequest.Builder(
-        new ResponseType(ResponseType.Value.CODE),
-        new com.nimbusds.oauth2.sdk.Scope(provider.scopes.mkString(" ")),
-        new com.nimbusds.oauth2.sdk.id.ClientID(provider.clientId),
-        URI.create(provider.redirectUri)
-      )
-        .state(new com.nimbusds.oauth2.sdk.id.State(state))
-        .nonce(new Nonce(nonce))
-        .endpointURI(URI.create(provider.authorizationEndpoint))
-        .build()
+      val authRequest = if (provider.scopes.contains("openid")) {
+        // Use OpenID Connect AuthenticationRequest for OpenID providers
+        new AuthenticationRequest.Builder(
+          new ResponseType(ResponseType.Value.CODE),
+          new com.nimbusds.oauth2.sdk.Scope(provider.scopes.mkString(" ")),
+          new com.nimbusds.oauth2.sdk.id.ClientID(provider.clientId),
+          URI.create(provider.redirectUri)
+        )
+          .state(new com.nimbusds.oauth2.sdk.id.State(state))
+          .nonce(new Nonce(nonce))
+          .endpointURI(URI.create(provider.authorizationEndpoint))
+          .build()
+      } else {
+        // Use standard OAuth2 AuthorizationRequest for non-OpenID providers (like Discord)
+        new AuthorizationRequest.Builder(
+          new ResponseType(ResponseType.Value.CODE),
+          new com.nimbusds.oauth2.sdk.id.ClientID(provider.clientId)
+        )
+          .scope(new com.nimbusds.oauth2.sdk.Scope(provider.scopes.mkString(" ")))
+          .state(new com.nimbusds.oauth2.sdk.id.State(state))
+          .redirectionURI(URI.create(provider.redirectUri))
+          .endpointURI(URI.create(provider.authorizationEndpoint))
+          .build()
+      }
 
       authRequest.toURI.toString
     }
@@ -139,7 +154,8 @@ class OpenIDConnectService@Inject(ws: WSClient, config: Configuration)(implicit
                 email = (json \ "email").asOpt[String],
                 name = (json \ "name").asOpt[String].orElse((json \ "login").asOpt[String]),
                 picture = (json \ "picture").asOpt[String].orElse((json \ "avatar_url").asOpt[String]),
-                provider = providerName
+                provider = providerName,
+                providerName = provider.name
               ))
             } else {
               None