1 files changed, 23 insertions, 0 deletions

diff --git a/src/main/java/moe/nea/prickly/server/Server.java b/src/main/java/moe/nea/prickly/server/Server.java
index 2ff7bc9..9bb6df1 100644
--- a/src/main/java/moe/nea/prickly/server/Server.java
+++ b/src/main/java/moe/nea/prickly/server/Server.java
@@ -1,10 +1,16 @@
 /* (C) 2025 Linnea Gräf - Licensed to everyone under the BSD 3 Clause License */
 package moe.nea.prickly.server;
 
+import com.google.common.base.Preconditions;
 import io.javalin.Javalin;
 import io.javalin.config.JavalinConfig;
+import io.javalin.rendering.template.JavalinJte;
+import java.util.Map;
+import java.util.Objects;
 import lombok.extern.slf4j.Slf4j;
 import moe.nea.prickly.config.Config;
+import moe.nea.prickly.model.AuthorizationRequest;
+import moe.nea.prickly.util.OAuthUtil;
 
 @Slf4j
 public class Server {
@@ -29,10 +35,27 @@ public class Server {
 		javalin.get(prefix + "/", ctx -> {
 			ctx.redirect(application.HOMEPAGE);
 		});
+		javalin.get(prefix + "/authorize", ctx -> {
+			var responseType = OAuthUtil.parseResponseType(ctx.queryParam("response_type"));
+			var redirectUri = OAuthUtil.verifyRedirectUrl(ctx.queryParam("redirect_uri"), application.REDIRECT_URI);
+			var state = ctx.queryParam("state");
+			var clientId = ctx.queryParam("client_id");
+			Preconditions.checkArgument(
+					Objects.equals(clientId, application.SLUG), "client_id does not match application slug");
+			var scope = OAuthUtil.parseScopes(ctx.queryParam("scope"));
+			ctx.render(
+					"authorize.jte",
+					Map.of(
+							"application",
+							application,
+							"authorizationRequest",
+							new AuthorizationRequest(responseType, redirectUri, state, scope)));
+		});
 	}
 
 	protected void configure(JavalinConfig config) {
 		log.info("configuring javalin");
+		config.fileRenderer(new JavalinJte());
 	}
 
 	public void start() {