From a30ef6b27e578a4cf0a674b24f5b52b4c1516c63 Mon Sep 17 00:00:00 2001
From: Jeroen Wijenbergh <jeroen.wijenbergh@geant.org>
Date: Thu, 12 Feb 2026 12:34:08 +0100
Subject: All: Rename packages that sound useless or clash with std

---
 internal/eduvpnapi/endpoints/endpoints.go | 62 +++++++++++++++++++++++++++++++
 1 file changed, 62 insertions(+)
 create mode 100644 internal/eduvpnapi/endpoints/endpoints.go

(limited to 'internal/eduvpnapi/endpoints/endpoints.go')

diff --git a/internal/eduvpnapi/endpoints/endpoints.go b/internal/eduvpnapi/endpoints/endpoints.go
new file mode 100644
index 0000000..c98d2c7
--- /dev/null
+++ b/internal/eduvpnapi/endpoints/endpoints.go
@@ -0,0 +1,62 @@
+// Package endpoints defines a wrapper around the various
+// endpoints returned by an eduVPN server in well-known
+package endpoints
+
+import (
+	"fmt"
+	"net/url"
+)
+
+// List is the list of endpoints as returned by the eduVPN server
+type List struct {
+	// API is the API endpoint which we use for calls such as /info, /connect, ...
+	API string `json:"api_endpoint"`
+	// Authorization is the authorization endpoint for OAuth
+	Authorization string `json:"authorization_endpoint"`
+	// Token is the token endpoint for OAuth
+	Token string `json:"token_endpoint"`
+}
+
+// Versions is the endpoints separated by API version
+type Versions struct {
+	// V2 is the legacy V2 API, this is not used
+	V2 List `json:"http://eduvpn.org/api#2"`
+	// V3 is the newest API, which we use
+	V3 List `json:"http://eduvpn.org/api#3"`
+}
+
+// Endpoints defines the json format for /.well-known/vpn-user-portal".
+type Endpoints struct {
+	// API defines the API endpoints, split by version
+	API Versions `json:"api"`
+	// V is the version string for the server
+	V string `json:"v"`
+}
+
+// Validate validates the endpoints by parsing them and checking the scheme is HTTP
+// An error is returned if they are not valid
+func (e Endpoints) Validate() error {
+	v3 := e.API.V3
+	pAPI, err := url.Parse(v3.API)
+	if err != nil {
+		return fmt.Errorf("failed to parse API endpoint: %w", err)
+	}
+	pAuth, err := url.Parse(v3.Authorization)
+	if err != nil {
+		return fmt.Errorf("failed to parse API authorization endpoint: %w", err)
+	}
+	pToken, err := url.Parse(v3.Token)
+	if err != nil {
+		return fmt.Errorf("failed to parse API token endpoint: %w", err)
+	}
+	if pAPI.Scheme != "https" {
+		return fmt.Errorf("API Scheme: '%s', is not equal to HTTPS", pAPI.Scheme)
+	}
+	if pAPI.Scheme != pAuth.Scheme {
+		return fmt.Errorf("API scheme: '%v', is not equal to authorization scheme: '%v'", pAPI.Scheme, pAuth.Scheme)
+	}
+	if pAPI.Scheme != pToken.Scheme {
+		return fmt.Errorf("API scheme: '%v', is not equal to token scheme: '%v'", pAPI.Scheme, pToken.Scheme)
+	}
+	return nil
+}
-- 
cgit v1.2.3