Documentation ¶
Overview ¶
Package provider implements all oauth2, oauth1 as well as custom and direct providers
Index ¶
- Constants
- type AppleConfig
- type AppleHandler
- type AvatarSaver
- type BearerTokenHook
- type CredChecker
- type CredCheckerFunc
- type CustomHandlerOpt
- type CustomServer
- type CustomServerOpt
- type DevAuthServer
- type DirectHandler
- type LoadFromFileFunc
- type Oauth1Handler
- type Oauth2Handler
- func NewBattlenet(p Params) Oauth2Handler
- func NewCustom(name string, p Params, copts CustomHandlerOpt) Oauth2Handler
- func NewDev(p Params) Oauth2Handler
- func NewFacebook(p Params) Oauth2Handler
- func NewGithub(p Params) Oauth2Handler
- func NewGoogle(p Params) Oauth2Handler
- func NewMicrosoft(p Params) Oauth2Handler
- func NewPatreon(p Params) Oauth2Handler
- func NewYandex(p Params) Oauth2Handler
- type Params
- type PrivateKeyLoaderInterface
- type Provider
- type Sender
- type SenderFunc
- type Service
- type TelegramAPI
- type TelegramHandler
- func (th *TelegramHandler) AuthHandler(_ http.ResponseWriter, _ *http.Request)
- func (th *TelegramHandler) LoginHandler(w http.ResponseWriter, r *http.Request)
- func (th *TelegramHandler) LogoutHandler(w http.ResponseWriter, _ *http.Request)
- func (th *TelegramHandler) Name() string
- func (th *TelegramHandler) ProcessUpdate(ctx context.Context, textUpdate string) error
- func (th *TelegramHandler) Run(ctx context.Context) error
- func (th *TelegramHandler) String() string
- type TokenService
- type UserAttributes
- type UserData
- type UserIDFunc
- type VerifTokenService
- type VerifyHandler
Constants ¶
const (
// AcceptJSONHeader is the content to accept from response
AcceptJSONHeader = "application/json"
)
const (
// MaxHTTPBodySize defines max http body size
MaxHTTPBodySize = 1024 * 1024
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AppleConfig ¶
type AppleConfig struct { ClientID string // the identifier Services ID for your app created in Apple developer account. TeamID string // developer Team ID (10 characters), required for create JWT. It available, after signed in at developer account, by link: https://developer.apple.com/account/#/membership KeyID string // private key ID assigned to private key obtain in Apple developer account ResponseMode string // changes method of receiving data in callback. Default value "form_post" (https://developer.apple.com/documentation/sign_in_with_apple/request_an_authorization_to_the_sign_in_with_apple_server?changes=_1_2#4066168) // contains filtered or unexported fields }
AppleConfig is the main oauth2 required parameters for "Sign in with Apple"
type AppleHandler ¶
type AppleHandler struct { Params PrivateKeyLoader PrivateKeyLoaderInterface // custom function interface for load private key // contains filtered or unexported fields }
AppleHandler implements login via Apple ID
func NewApple ¶
func NewApple(p Params, appleCfg AppleConfig, privateKeyLoader PrivateKeyLoaderInterface) (*AppleHandler, error)
NewApple create new AppleProvider instance with a user parameters Private key must be set, when instance create call, for create `client_secret`
func (AppleHandler) AuthHandler ¶
func (ah AppleHandler) AuthHandler(w http.ResponseWriter, r *http.Request)
AuthHandler fills user info and redirects to "from" url. This is callback url redirected locally by browser GET /callback
func (*AppleHandler) LoginHandler ¶
func (ah *AppleHandler) LoginHandler(w http.ResponseWriter, r *http.Request)
LoginHandler - GET */{provider-name}/login
func (AppleHandler) LogoutHandler ¶
func (ah AppleHandler) LogoutHandler(w http.ResponseWriter, r *http.Request)
LogoutHandler - GET /logout
type AvatarSaver ¶
AvatarSaver defines minimal interface to save avatar
type BearerTokenHook ¶
BearerTokenHook accepts provider name, user and token, received during oauth2 authentication
type CredChecker ¶
CredChecker defines interface to check credentials
type CredCheckerFunc ¶
CredCheckerFunc type is an adapter to allow the use of ordinary functions as CredsChecker.
type CustomHandlerOpt ¶
type CustomHandlerOpt struct { Endpoint oauth2.Endpoint InfoURL string MapUserFn func(UserData, []byte) token.User BearerTokenHookFn BearerTokenHook Scopes []string }
CustomHandlerOpt are options to initialize a handler for oauth2 server
type CustomServer ¶
type CustomServer struct { logger.L URL string // root url for custom oauth2 server WithLoginPage bool // redirect to login html page if true LoginPageHandler func(w http.ResponseWriter, r *http.Request) // handler for user-defined login page OauthServer *goauth2.Server // an instance of go-oauth2/oauth2 server HandlerOpt CustomHandlerOpt // contains filtered or unexported fields }
CustomServer is a wrapper over go-oauth2/oauth2 server running on its own port
func NewCustomServer ¶
func NewCustomServer(srv *goauth2.Server, sopts CustomServerOpt) *CustomServer
NewCustomServer is helper function to initiate a customer server and prefill options needed for provider registration (see Service.AddCustomProvider)
func (*CustomServer) Run ¶
func (c *CustomServer) Run(ctx context.Context)
Run starts serving on port from c.URL
type CustomServerOpt ¶
type CustomServerOpt struct { logger.L URL string WithLoginPage bool LoginPageHandler func(w http.ResponseWriter, r *http.Request) }
CustomServerOpt are options to initialize a custom go-oauth2/oauth2 server
type DevAuthServer ¶
type DevAuthServer struct { logger.L Provider Oauth2Handler Automatic bool GetEmailFn func(string) string // contains filtered or unexported fields }
DevAuthServer is a fake oauth server for development it provides stand-alone server running on its own port and pretending to be the real oauth2. It also provides Dev Provider the same way as normal providers do, i.e. like github, google and others. can run in interactive and non-interactive mode. In interactive mode login attempts will show login form to select desired user name, this is the mode used for development. Non-interactive mode for tests only.
func (*DevAuthServer) Run ¶
func (d *DevAuthServer) Run(ctx context.Context)
Run oauth2 dev server on port devAuthPort
type DirectHandler ¶
type DirectHandler struct { logger.L CredChecker CredChecker ProviderName string TokenService TokenService Issuer string AvatarSaver AvatarSaver UserIDFunc UserIDFunc }
DirectHandler implements non-oauth2 provider authorizing user in traditional way with storage with users and hashes
func (DirectHandler) AuthHandler ¶
func (p DirectHandler) AuthHandler(http.ResponseWriter, *http.Request)
AuthHandler doesn't do anything for direct login as it has no callbacks
func (DirectHandler) LoginHandler ¶
func (p DirectHandler) LoginHandler(w http.ResponseWriter, r *http.Request)
LoginHandler checks "user" and "passwd" against data store and makes jwt if all passed.
GET /something?user=name&passwd=xyz&aud=bar&sess=[0|1]
POST /something?sess[0|1] Accepts application/x-www-form-urlencoded or application/json encoded requests.
application/x-www-form-urlencoded body example: user=name&passwd=xyz&aud=bar
application/json body example:
{ "user": "name", "passwd": "xyz", "aud": "bar", }
func (DirectHandler) LogoutHandler ¶
func (p DirectHandler) LogoutHandler(w http.ResponseWriter, _ *http.Request)
LogoutHandler - GET /logout
type LoadFromFileFunc ¶
type LoadFromFileFunc struct {
Path string
}
LoadFromFileFunc is the type for use pre-defined private key loader function Path field must be set with actual path to private key file
func LoadApplePrivateKeyFromFile ¶
func LoadApplePrivateKeyFromFile(path string) LoadFromFileFunc
LoadApplePrivateKeyFromFile return instance for pre-defined loader function from local file
func (LoadFromFileFunc) LoadPrivateKey ¶
func (lf LoadFromFileFunc) LoadPrivateKey() ([]byte, error)
LoadPrivateKey implement pre-defined (built-in) PrivateKeyLoaderInterface interface method for load private key from local file
type Oauth1Handler ¶
type Oauth1Handler struct { Params // contains filtered or unexported fields }
Oauth1Handler implements /login, /callback and /logout handlers for oauth1 flow
func (Oauth1Handler) AuthHandler ¶
func (h Oauth1Handler) AuthHandler(w http.ResponseWriter, r *http.Request)
AuthHandler fills user info and redirects to "from" url. This is callback url redirected locally by browser GET /callback
func (Oauth1Handler) LoginHandler ¶
func (h Oauth1Handler) LoginHandler(w http.ResponseWriter, r *http.Request)
LoginHandler - GET /login?from=redirect-back-url&site=siteID&session=1
func (Oauth1Handler) LogoutHandler ¶
func (h Oauth1Handler) LogoutHandler(w http.ResponseWriter, r *http.Request)
LogoutHandler - GET /logout
type Oauth2Handler ¶
type Oauth2Handler struct { Params // contains filtered or unexported fields }
Oauth2Handler implements /login, /callback and /logout handlers from aouth2 flow
func NewBattlenet ¶
func NewBattlenet(p Params) Oauth2Handler
NewBattlenet makes Battle.net oauth2 provider
func NewCustom ¶
func NewCustom(name string, p Params, copts CustomHandlerOpt) Oauth2Handler
NewCustom creates a handler for go-oauth2/oauth2 server
func NewFacebook ¶
func NewFacebook(p Params) Oauth2Handler
NewFacebook makes facebook oauth2 provider
func NewMicrosoft ¶
func NewMicrosoft(p Params) Oauth2Handler
NewMicrosoft makes microsoft azure oauth2 provider
func (Oauth2Handler) AuthHandler ¶
func (p Oauth2Handler) AuthHandler(w http.ResponseWriter, r *http.Request)
AuthHandler fills user info and redirects to "from" url. This is callback url redirected locally by browser GET /callback
func (Oauth2Handler) LoginHandler ¶
func (p Oauth2Handler) LoginHandler(w http.ResponseWriter, r *http.Request)
LoginHandler - GET /login?from=redirect-back-url&[site|aud]=siteID&session=1&noava=1
func (Oauth2Handler) LogoutHandler ¶
func (p Oauth2Handler) LogoutHandler(w http.ResponseWriter, r *http.Request)
LogoutHandler - GET /logout
type Params ¶
type Params struct { logger.L URL string JwtService TokenService Cid string Csecret string Issuer string AvatarSaver AvatarSaver UserAttributes UserAttributes OnFinishCb func(*token.User) error // optional callback to call after successful login Port int // relevant for providers supporting port customization, for example dev oauth2 Host string // relevant for providers supporting host customization, for example dev oauth2 }
Params to make initialized and ready to use provider
type PrivateKeyLoaderInterface ¶
PrivateKeyLoaderInterface interface for implement custom loader for Apple private key from user source
type Provider ¶
type Provider interface { Name() string LoginHandler(w http.ResponseWriter, r *http.Request) AuthHandler(w http.ResponseWriter, r *http.Request) LogoutHandler(w http.ResponseWriter, r *http.Request) }
Provider defines interface for auth handler
type SenderFunc ¶
SenderFunc type is an adapter to allow the use of ordinary functions as Sender.
func (SenderFunc) Send ¶
func (f SenderFunc) Send(address, text string) error
Send calls f(address,text) to implement Sender interface
type Service ¶
type Service struct {
Provider
}
Service represents oauth2 provider. Adds Handler method multiplexing login, auth and logout requests
type TelegramAPI ¶
type TelegramAPI interface { GetUpdates(ctx context.Context) (*telegramUpdate, error) Avatar(ctx context.Context, userID int) (string, error) Send(ctx context.Context, id int, text string) error BotInfo(ctx context.Context) (*botInfo, error) }
TelegramAPI is used for interacting with telegram API
func NewTelegramAPI ¶
func NewTelegramAPI(token string, client *http.Client) TelegramAPI
NewTelegramAPI returns initialized TelegramAPI implementation
type TelegramHandler ¶
type TelegramHandler struct { logger.L ProviderName string ErrorMsg, SuccessMsg string TokenService TokenService AvatarSaver AvatarSaver Telegram TelegramAPI // contains filtered or unexported fields }
TelegramHandler implements login via telegram
func (*TelegramHandler) AuthHandler ¶
func (th *TelegramHandler) AuthHandler(_ http.ResponseWriter, _ *http.Request)
AuthHandler does nothing since we don't have any callbacks
func (*TelegramHandler) LoginHandler ¶
func (th *TelegramHandler) LoginHandler(w http.ResponseWriter, r *http.Request)
LoginHandler generates and verifies login requests
func (*TelegramHandler) LogoutHandler ¶
func (th *TelegramHandler) LogoutHandler(w http.ResponseWriter, _ *http.Request)
LogoutHandler - GET /logout
func (*TelegramHandler) ProcessUpdate ¶
func (th *TelegramHandler) ProcessUpdate(ctx context.Context, textUpdate string) error
ProcessUpdate is alternative to Run, it processes provided plain text update from Telegram so that caller could get updates and send it not only there but to multiple sources
func (*TelegramHandler) Run ¶
func (th *TelegramHandler) Run(ctx context.Context) error
Run starts processing login requests sent in Telegram Blocks caller
func (*TelegramHandler) String ¶
func (th *TelegramHandler) String() string
String representation of the provider
type TokenService ¶
type TokenService interface { Parse(tokenString string) (claims token.Claims, err error) Set(w http.ResponseWriter, claims token.Claims) (token.Claims, error) Get(r *http.Request) (claims token.Claims, token string, err error) Reset(w http.ResponseWriter) }
TokenService defines interface accessing tokens
type UserAttributes ¶
type UserData ¶
type UserData map[string]interface{}
UserData is type for user information returned from oauth2 providers /info API method
type UserIDFunc ¶
UserIDFunc allows to provide custom func making userID instead of the default based on user's name hash
type VerifTokenService ¶
type VerifTokenService interface { Token(claims token.Claims) (string, error) Parse(tokenString string) (claims token.Claims, err error) IsExpired(claims token.Claims) bool Set(w http.ResponseWriter, claims token.Claims) (token.Claims, error) Reset(w http.ResponseWriter) }
VerifTokenService defines interface accessing tokens
type VerifyHandler ¶
type VerifyHandler struct { logger.L ProviderName string TokenService VerifTokenService Issuer string AvatarSaver AvatarSaver Sender Sender Template string UseGravatar bool }
VerifyHandler implements non-oauth2 provider authorizing users with some confirmation. can be email, IM or anything else implementing Sender interface
func (VerifyHandler) AuthHandler ¶
func (e VerifyHandler) AuthHandler(http.ResponseWriter, *http.Request)
AuthHandler doesn't do anything for direct login as it has no callbacks
func (VerifyHandler) LoginHandler ¶
func (e VerifyHandler) LoginHandler(w http.ResponseWriter, r *http.Request)
LoginHandler gets name and address from query, makes confirmation token and sends it to user. In case if confirmation token presented in the query uses it to create auth token
func (VerifyHandler) LogoutHandler ¶
func (e VerifyHandler) LogoutHandler(w http.ResponseWriter, _ *http.Request)
LogoutHandler - GET /logout