README
¶
IndieAuth
This package implements an IndieAuth (an identity layer on top of OAuth 2.0) client/authentication middleware.
It implements an IndieAuth Client and will use your own external Authorization Endpoint.
It was designed to replace basic authentication when restricting access to private projects, it does not support multiple users.
Relies on the sessions package from the Gorilla web toolkit.
QuickStart
$ get get a4.io/go/indieauth
Note: If you are not using gorilla/mux, you need to wrap your handlers with context.ClearHandler to prevent leaking memory.
package main
import (
"log"
"net/http"
"a4.io/go/indieauth"
"github.com/gorilla/context"
"github.com/gorilla/sessions"
)
var cookieStore = sessions.NewCookieStore([]byte("my-secret"))
func main() {
ia, err:= indieauth.New(cookieStore, "https://my.indie.auth.domain")
if err != nil {
panic(err)
}
iaMiddleware = ia.Middleware()
http.HandleFunc(indieauth.DefaultRedirectPath, ia.RedirectHandler)
http.HandleFunc("/logout", func(w http.ResponseWriter, r *http.Request) {
indie.Logout(w, r)
})
http.Handle("/", iaMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Write([]byte("YAY!"))
})))
log.Fatal(http.ListenAndServe(":8011", context.ClearHandler(http.DefaultServeMux)))
}
Documentation
¶
Overview ¶
Package indieauth implements an IndieAuth (an identity layer on top of OAuth 2.0)] client/authentication middleware.
Index ¶
- Constants
- Variables
- func ClientID(clientID string) func(*http.Request) string
- type IndieAuth
- func (ia *IndieAuth) Check(r *http.Request) bool
- func (ia *IndieAuth) Logout(w http.ResponseWriter, r *http.Request)
- func (ia *IndieAuth) Middleware() func(http.Handler) http.Handler
- func (ia *IndieAuth) Redirect(w http.ResponseWriter, r *http.Request) error
- func (ia *IndieAuth) RedirectHandler(w http.ResponseWriter, r *http.Request)
Constants ¶
const (
// DefaultRedirectPath is default path where the RedirectHandler should be served
DefaultRedirectPath = "/indieauth-redirect"
)
Variables ¶
var ( // ErrForbidden is returned when the authorization endpoint answered a 403 ErrForbidden = errors.New("authorization endpoint answered with forbidden") // ErrAuthorizationEndointNotFound is returned when the authorization_endpoint could not be discovered for the given URL ErrAuthorizationEndpointNotFound = errors.New("authorization_endpoint not found") // UserAgent is the User Agent used for the requests performed as an "IndieAuth Client" UserAgent = "IndieAuth client (+https://a4.io/go/indieauth)" // SessionName is the name of the Gorilla session SessionName = "indieauth" )
Functions ¶
Types ¶
type IndieAuth ¶
type IndieAuth struct {
// ClientID will try to guess the client ID from the request by default
ClientID func(r *http.Request) string
// RedirectPath will default to `/indieauth-redirect`
RedirectPath string
// contains filtered or unexported fields
}
IndieAuth holds the auth manager
func New ¶
func New(store *sessions.CookieStore, me string) (*IndieAuth, error)
New initializes an IndieAuth auth manager, the `Middleware` shortcut is the preferred API unless you want fine-grained configuration.
func (*IndieAuth) Logout ¶
func (ia *IndieAuth) Logout(w http.ResponseWriter, r *http.Request)
Logout logs out the current user
func (*IndieAuth) Middleware ¶
Middleware provides a middleware that will only allow user authenticated against the given IndiAuth endpoint
func (*IndieAuth) Redirect ¶
Redirect responds to the request by redirecting to the authorization endpoint
func (*IndieAuth) RedirectHandler ¶
func (ia *IndieAuth) RedirectHandler(w http.ResponseWriter, r *http.Request)
RedirectHandler is a HTTP handler that must be registered on the app at `/indieauth-redirect`
Source Files