ory · hperl · Jan 22, 2025 · Jan 24, 2025
@@ -185,6 +185,7 @@ type options struct {
 	extraGoMigrations             popx.Migrations
 	replacementStrategies         []NewStrategy
 	extraHooks                    map[string]func(config.SelfServiceHook) any
+	extraHandlers                 []NewHandlerRegistrar
 	disableMigrationLogging       bool
 	jsonnetPool                   jsonnetsecure.Pool
 }
@@ -236,6 +237,14 @@ func WithExtraHooks(hooks map[string]func(config.SelfServiceHook) any) RegistryO
 	}
 }
 
+type NewHandlerRegistrar func(deps any) x.HandlerRegistrar
+
+func WithExtraHandlers(handlers ...NewHandlerRegistrar) RegistryOption {
+	return func(o *options) {
+		o.extraHandlers = handlers
+	}
+}
+
 func Inspect(f func(reg Registry) error) RegistryOption {
 	return func(o *options) {
 		o.inspect = f

@@ -78,6 +78,8 @@ type RegistryDefault struct {
 	ctxer contextx.Contextualizer
 
 	injectedSelfserviceHooks map[string]func(config.SelfServiceHook) interface{}
+	extraHandlerFactories    []NewHandlerRegistrar
+	extraHandlers            []x.HandlerRegistrar
 
 	nosurf         nosurf.Handler
 	trc            *otelx.Tracer
@@ -175,6 +177,9 @@ func (m *RegistryDefault) Audit() *logrusx.Logger {
 }
 
 func (m *RegistryDefault) RegisterPublicRoutes(ctx context.Context, router *x.RouterPublic) {
+	for _, h := range m.ExtraHandlers() {
+		h.RegisterPublicRoutes(router)
+	}
 	m.LoginHandler().RegisterPublicRoutes(router)
 	m.RegistrationHandler().RegisterPublicRoutes(router)
 	m.LogoutHandler().RegisterPublicRoutes(router)
@@ -198,6 +203,9 @@ func (m *RegistryDefault) RegisterPublicRoutes(ctx context.Context, router *x.Ro
 }
 
 func (m *RegistryDefault) RegisterAdminRoutes(ctx context.Context, router *x.RouterAdmin) {
+	for _, h := range m.ExtraHandlers() {
+		h.RegisterAdminRoutes(router)
+	}
 	m.RegistrationHandler().RegisterAdminRoutes(router)
 	m.LoginHandler().RegisterAdminRoutes(router)
 	m.LogoutHandler().RegisterAdminRoutes(router)
@@ -640,6 +648,9 @@ func (m *RegistryDefault) Init(ctx context.Context, ctxer contextx.Contextualize
 	if o.extraHooks != nil {
 		m.WithHooks(o.extraHooks)
 	}
+	if o.extraHandlers != nil {
+		m.WithExtraHandlers(o.extraHandlers)
+	}
 
 	if o.replaceIdentitySchemaProvider != nil {
 		m.identitySchemaProvider = o.replaceIdentitySchemaProvider(m)
@@ -904,3 +915,12 @@ func (m *RegistryDefault) SessionTokenizer() *session.Tokenizer {
 	}
 	return m.sessionTokenizer
 }
+
+func (m *RegistryDefault) ExtraHandlers() []x.HandlerRegistrar {
+	if m.extraHandlers == nil {
+		for _, newHandler := range m.extraHandlerFactories {
+			m.extraHandlers = append(m.extraHandlers, newHandler(m))
+		}
+	}
+	return m.extraHandlers
+}
@@ -60,6 +60,9 @@ func (m *RegistryDefault) HookTwoStepRegistration() *hook.TwoStepRegistration {
 func (m *RegistryDefault) WithHooks(hooks map[string]func(config.SelfServiceHook) interface{}) {
 	m.injectedSelfserviceHooks = hooks
 }
+func (m *RegistryDefault) WithExtraHandlers(handlers []NewHandlerRegistrar) {
+	m.extraHandlerFactories = handlers
+}
 
 func (m *RegistryDefault) getHooks(credentialsType string, configs []config.SelfServiceHook) (i []interface{}) {
 	var addSessionIssuer bool

@@ -460,7 +460,8 @@
             "linkedin",
             "linkedin_v2",
             "lark",
-            "x"
+            "x",
+            "fedcm-test"
           ],
           "examples": ["google"]
         },
@@ -578,6 +579,13 @@
           "type": "string",
           "enum": ["auto", "never", "force"],
           "default": "auto"
+        },
+        "fedcm_config_url": {
+          "title": "Federation Configuration URL",
+          "description": "The URL where the FedCM IdP configuration is located for the provider. This is only effective in the Ory Network.",
+          "type": "string",
+          "format": "uri",
+          "examples": ["https://example.com/config.json"]
         }
       },
       "additionalProperties": false,

@@ -35,6 +35,7 @@ docs/ErrorGeneric.md
 docs/FlowError.md
 docs/FrontendAPI.md
 docs/GenericError.md
+docs/GetFedCmParametersResponse.md
 docs/GetVersion200Response.md
 docs/HealthNotReadyStatus.md
 docs/HealthStatus.md
@@ -70,6 +71,7 @@ docs/OAuth2ConsentRequestOpenIDConnectContext.md
 docs/OAuth2LoginRequest.md
 docs/PatchIdentitiesBody.md
 docs/PerformNativeLogoutBody.md
+docs/Provider.md
 docs/RecoveryCodeForIdentity.md
 docs/RecoveryFlow.md
 docs/RecoveryFlowState.md
@@ -83,6 +85,7 @@ docs/SessionAuthenticationMethod.md
 docs/SessionDevice.md
 docs/SettingsFlow.md
 docs/SettingsFlowState.md
+docs/SubmitFedcmTokenBody.md
 docs/SuccessfulCodeExchangeResponse.md
 docs/SuccessfulNativeLogin.md
 docs/SuccessfulNativeRegistration.md
@@ -160,6 +163,7 @@ model_error_flow_replaced.go
 model_error_generic.go
 model_flow_error.go
 model_generic_error.go
+model_get_fed_cm_parameters_response.go
 model_get_version_200_response.go
 model_health_not_ready_status.go
 model_health_status.go
@@ -193,6 +197,7 @@ model_o_auth2_consent_request_open_id_connect_context.go
 model_o_auth2_login_request.go
 model_patch_identities_body.go
 model_perform_native_logout_body.go
+model_provider.go
 model_recovery_code_for_identity.go
 model_recovery_flow.go
 model_recovery_flow_state.go
@@ -206,6 +211,7 @@ model_session_authentication_method.go
 model_session_device.go
 model_settings_flow.go
 model_settings_flow_state.go
+model_submit_fedcm_token_body.go
 model_successful_code_exchange_response.go
 model_successful_native_login.go
 model_successful_native_registration.go

@@ -95,6 +95,7 @@ Class | Method | HTTP request | Description
 *FrontendAPI* | [**DisableMyOtherSessions**](docs/FrontendAPI.md#disablemyothersessions) | **Delete** /sessions | Disable my other sessions
 *FrontendAPI* | [**DisableMySession**](docs/FrontendAPI.md#disablemysession) | **Delete** /sessions/{id} | Disable one of my sessions
 *FrontendAPI* | [**ExchangeSessionToken**](docs/FrontendAPI.md#exchangesessiontoken) | **Get** /sessions/token-exchange | Exchange Session Token
+*FrontendAPI* | [**GetFedcmParameters**](docs/FrontendAPI.md#getfedcmparameters) | **Get** /self-service/fed-cm/parameters | Get FedCM Parameters
 *FrontendAPI* | [**GetFlowError**](docs/FrontendAPI.md#getflowerror) | **Get** /self-service/errors | Get User-Flow Errors
 *FrontendAPI* | [**GetLoginFlow**](docs/FrontendAPI.md#getloginflow) | **Get** /self-service/login/flows | Get Login Flow
 *FrontendAPI* | [**GetRecoveryFlow**](docs/FrontendAPI.md#getrecoveryflow) | **Get** /self-service/recovery/flows | Get Recovery Flow
@@ -104,6 +105,7 @@ Class | Method | HTTP request | Description
 *FrontendAPI* | [**GetWebAuthnJavaScript**](docs/FrontendAPI.md#getwebauthnjavascript) | **Get** /.well-known/ory/webauthn.js | Get WebAuthn JavaScript
 *FrontendAPI* | [**ListMySessions**](docs/FrontendAPI.md#listmysessions) | **Get** /sessions | Get My Active Sessions
 *FrontendAPI* | [**PerformNativeLogout**](docs/FrontendAPI.md#performnativelogout) | **Delete** /self-service/logout/api | Perform Logout for Native Apps
+*FrontendAPI* | [**SubmitFedcmToken**](docs/FrontendAPI.md#submitfedcmtoken) | **Post** /self-service/fed-cm/token | Submit a FedCM token
 *FrontendAPI* | [**ToSession**](docs/FrontendAPI.md#tosession) | **Get** /sessions/whoami | Check Who the Current HTTP Session Belongs To
 *FrontendAPI* | [**UpdateLoginFlow**](docs/FrontendAPI.md#updateloginflow) | **Post** /self-service/login | Submit a Login Flow
 *FrontendAPI* | [**UpdateLogoutFlow**](docs/FrontendAPI.md#updatelogoutflow) | **Get** /self-service/logout | Update Logout Flow
@@ -160,6 +162,7 @@ Class | Method | HTTP request | Description
  - [ErrorGeneric](docs/ErrorGeneric.md)
  - [FlowError](docs/FlowError.md)
  - [GenericError](docs/GenericError.md)
+ - [GetFedCmParametersResponse](docs/GetFedCmParametersResponse.md)
  - [GetVersion200Response](docs/GetVersion200Response.md)
  - [HealthNotReadyStatus](docs/HealthNotReadyStatus.md)
  - [HealthStatus](docs/HealthStatus.md)
@@ -193,6 +196,7 @@ Class | Method | HTTP request | Description
  - [OAuth2LoginRequest](docs/OAuth2LoginRequest.md)
  - [PatchIdentitiesBody](docs/PatchIdentitiesBody.md)
  - [PerformNativeLogoutBody](docs/PerformNativeLogoutBody.md)
+ - [Provider](docs/Provider.md)
  - [RecoveryCodeForIdentity](docs/RecoveryCodeForIdentity.md)
  - [RecoveryFlow](docs/RecoveryFlow.md)
  - [RecoveryFlowState](docs/RecoveryFlowState.md)
@@ -206,6 +210,7 @@ Class | Method | HTTP request | Description
  - [SessionDevice](docs/SessionDevice.md)
  - [SettingsFlow](docs/SettingsFlow.md)
  - [SettingsFlowState](docs/SettingsFlowState.md)
+ - [SubmitFedcmTokenBody](docs/SubmitFedcmTokenBody.md)
  - [SuccessfulCodeExchangeResponse](docs/SuccessfulCodeExchangeResponse.md)
  - [SuccessfulNativeLogin](docs/SuccessfulNativeLogin.md)
  - [SuccessfulNativeRegistration](docs/SuccessfulNativeRegistration.md)