import type { NextRequest } from 'next/server';
import { NextResponse } from 'next/server';
export async function GET(request: NextRequest) {
const baseUrl =
process.env.NEXTAUTH_URL || `${request.nextUrl.protocol}//${request.nextUrl.host}`;
const metadata = {
issuer: baseUrl,
authorization_endpoint: `${baseUrl}/oauth/authorize`,
token_endpoint: `${baseUrl}/api/oauth/token`,
registration_endpoint: `${baseUrl}/api/oauth/register`,
scopes_supported: ['api:read', 'api:write'],
response_types_supported: ['code'],
grant_types_supported: ['authorization_code', 'refresh_token'],
token_endpoint_auth_methods_supported: ['none', 'client_secret_post'],
code_challenge_methods_supported: ['plain', 'S256'],
};
const response = NextResponse.json(metadata);
// Add CORS headers
response.headers.set('Access-Control-Allow-Origin', '*');
response.headers.set('Access-Control-Allow-Methods', 'GET, OPTIONS');
response.headers.set('Access-Control-Allow-Headers', 'Content-Type, Authorization');
return response;
}
export async function OPTIONS(_request: NextRequest) {
const response = new NextResponse('OK', { status: 200 });
// Add CORS headers for preflight requests
response.headers.set('Access-Control-Allow-Origin', '*');
response.headers.set('Access-Control-Allow-Methods', 'GET, OPTIONS');
response.headers.set('Access-Control-Allow-Headers', 'Content-Type, Authorization');
return response;
}
