provider

package
v0.0.6 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 16, 2023 License: MIT Imports: 40 Imported by: 0

Documentation

Overview

Package provider implements all oauth2, oauth1 as well as custom and direct providers

Index

Constants

View Source
const (

	// AcceptJSONHeader is the content to accept from response
	AcceptJSONHeader = "application/json"
)
View Source
const (
	// MaxHTTPBodySize defines max http body size
	MaxHTTPBodySize = 1024 * 1024
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AppleConfig

type AppleConfig struct {
	ClientID     string // the identifier Services ID for your app created in Apple developer account.
	TeamID       string // developer Team ID (10 characters), required for create JWT. It available, after signed in at developer account, by link: https://developer.apple.com/account/#/membership
	KeyID        string // private key ID  assigned to private key obtain in Apple developer account
	ResponseMode string // changes method of receiving data in callback. Default value "form_post" (https://developer.apple.com/documentation/sign_in_with_apple/request_an_authorization_to_the_sign_in_with_apple_server?changes=_1_2#4066168)
	// contains filtered or unexported fields
}

AppleConfig is the main oauth2 required parameters for "Sign in with Apple"

type AppleHandler

type AppleHandler struct {
	Params

	PrivateKeyLoader PrivateKeyLoaderInterface // custom function interface for load private key
	// contains filtered or unexported fields
}

AppleHandler implements login via Apple ID

func NewApple

func NewApple(p Params, appleCfg AppleConfig, privateKeyLoader PrivateKeyLoaderInterface) (*AppleHandler, error)

NewApple create new AppleProvider instance with a user parameters Private key must be set, when instance create call, for create `client_secret`

func (AppleHandler) AuthHandler

func (ah AppleHandler) AuthHandler(w http.ResponseWriter, r *http.Request)

AuthHandler fills user info and redirects to "from" url. This is callback url redirected locally by browser GET /callback

func (*AppleHandler) LoginHandler

func (ah *AppleHandler) LoginHandler(w http.ResponseWriter, r *http.Request)

LoginHandler - GET */{provider-name}/login

func (AppleHandler) LogoutHandler

func (ah AppleHandler) LogoutHandler(w http.ResponseWriter, r *http.Request)

LogoutHandler - GET /logout

func (*AppleHandler) Name

func (ah *AppleHandler) Name() string

Name of the provider

type AvatarSaver

type AvatarSaver interface {
	Put(u token.User, client *http.Client) (avatarURL string, err error)
}

AvatarSaver defines minimal interface to save avatar

type BearerTokenHook

type BearerTokenHook func(provider string, user token.User, token oauth2.Token)

BearerTokenHook accepts provider name, user and token, received during oauth2 authentication

type CredChecker

type CredChecker interface {
	Check(user, password string) (ok bool, err error)
}

CredChecker defines interface to check credentials

type CredCheckerFunc

type CredCheckerFunc func(user, password string) (ok bool, err error)

CredCheckerFunc type is an adapter to allow the use of ordinary functions as CredsChecker.

func (CredCheckerFunc) Check

func (f CredCheckerFunc) Check(user, password string) (ok bool, err error)

Check calls f(user,passwd)

type CustomHandlerOpt

type CustomHandlerOpt struct {
	Endpoint          oauth2.Endpoint
	InfoURL           string
	MapUserFn         func(UserData, []byte) token.User
	BearerTokenHookFn BearerTokenHook
	Scopes            []string
}

CustomHandlerOpt are options to initialize a handler for oauth2 server

type CustomServer

type CustomServer struct {
	logger.L
	URL              string                                       // root url for custom oauth2 server
	WithLoginPage    bool                                         // redirect to login html page if true
	LoginPageHandler func(w http.ResponseWriter, r *http.Request) // handler for user-defined login page
	OauthServer      *goauth2.Server                              // an instance of go-oauth2/oauth2 server
	HandlerOpt       CustomHandlerOpt
	// contains filtered or unexported fields
}

CustomServer is a wrapper over go-oauth2/oauth2 server running on its own port

func NewCustomServer

func NewCustomServer(srv *goauth2.Server, sopts CustomServerOpt) *CustomServer

NewCustomServer is helper function to initiate a customer server and prefill options needed for provider registration (see Service.AddCustomProvider)

func (*CustomServer) Run

func (c *CustomServer) Run(ctx context.Context)

Run starts serving on port from c.URL

func (*CustomServer) Shutdown

func (c *CustomServer) Shutdown()

Shutdown go-oauth2/oauth2 server

type CustomServerOpt

type CustomServerOpt struct {
	logger.L
	URL              string
	WithLoginPage    bool
	LoginPageHandler func(w http.ResponseWriter, r *http.Request)
}

CustomServerOpt are options to initialize a custom go-oauth2/oauth2 server

type DevAuthServer

type DevAuthServer struct {
	logger.L
	Provider   Oauth2Handler
	Automatic  bool
	GetEmailFn func(string) string
	// contains filtered or unexported fields
}

DevAuthServer is a fake oauth server for development it provides stand-alone server running on its own port and pretending to be the real oauth2. It also provides Dev Provider the same way as normal providers do, i.e. like github, google and others. can run in interactive and non-interactive mode. In interactive mode login attempts will show login form to select desired user name, this is the mode used for development. Non-interactive mode for tests only.

func (*DevAuthServer) Run

func (d *DevAuthServer) Run(ctx context.Context)

Run oauth2 dev server on port devAuthPort

func (*DevAuthServer) Shutdown

func (d *DevAuthServer) Shutdown()

Shutdown oauth2 dev server

type DirectHandler

type DirectHandler struct {
	logger.L
	CredChecker  CredChecker
	ProviderName string
	TokenService TokenService
	Issuer       string
	AvatarSaver  AvatarSaver
	UserIDFunc   UserIDFunc
}

DirectHandler implements non-oauth2 provider authorizing user in traditional way with storage with users and hashes

func (DirectHandler) AuthHandler

func (p DirectHandler) AuthHandler(http.ResponseWriter, *http.Request)

AuthHandler doesn't do anything for direct login as it has no callbacks

func (DirectHandler) LoginHandler

func (p DirectHandler) LoginHandler(w http.ResponseWriter, r *http.Request)

LoginHandler checks "user" and "passwd" against data store and makes jwt if all passed.

GET /something?user=name&passwd=xyz&aud=bar&sess=[0|1]

POST /something?sess[0|1] Accepts application/x-www-form-urlencoded or application/json encoded requests.

application/x-www-form-urlencoded body example: user=name&passwd=xyz&aud=bar

application/json body example:

{
  "user": "name",
  "passwd": "xyz",
  "aud": "bar",
}

func (DirectHandler) LogoutHandler

func (p DirectHandler) LogoutHandler(w http.ResponseWriter, _ *http.Request)

LogoutHandler - GET /logout

func (DirectHandler) Name

func (p DirectHandler) Name() string

Name of the handler

type LoadFromFileFunc

type LoadFromFileFunc struct {
	Path string
}

LoadFromFileFunc is the type for use pre-defined private key loader function Path field must be set with actual path to private key file

func LoadApplePrivateKeyFromFile

func LoadApplePrivateKeyFromFile(path string) LoadFromFileFunc

LoadApplePrivateKeyFromFile return instance for pre-defined loader function from local file

func (LoadFromFileFunc) LoadPrivateKey

func (lf LoadFromFileFunc) LoadPrivateKey() ([]byte, error)

LoadPrivateKey implement pre-defined (built-in) PrivateKeyLoaderInterface interface method for load private key from local file

type Oauth1Handler

type Oauth1Handler struct {
	Params
	// contains filtered or unexported fields
}

Oauth1Handler implements /login, /callback and /logout handlers for oauth1 flow

func NewTwitter

func NewTwitter(p Params) Oauth1Handler

NewTwitter makes twitter oauth2 provider

func (Oauth1Handler) AuthHandler

func (h Oauth1Handler) AuthHandler(w http.ResponseWriter, r *http.Request)

AuthHandler fills user info and redirects to "from" url. This is callback url redirected locally by browser GET /callback

func (Oauth1Handler) LoginHandler

func (h Oauth1Handler) LoginHandler(w http.ResponseWriter, r *http.Request)

LoginHandler - GET /login?from=redirect-back-url&site=siteID&session=1

func (Oauth1Handler) LogoutHandler

func (h Oauth1Handler) LogoutHandler(w http.ResponseWriter, r *http.Request)

LogoutHandler - GET /logout

func (Oauth1Handler) Name

func (h Oauth1Handler) Name() string

Name returns provider name

type Oauth2Handler

type Oauth2Handler struct {
	Params
	// contains filtered or unexported fields
}

Oauth2Handler implements /login, /callback and /logout handlers from aouth2 flow

func NewBattlenet

func NewBattlenet(p Params) Oauth2Handler

NewBattlenet makes Battle.net oauth2 provider

func NewCustom

func NewCustom(name string, p Params, copts CustomHandlerOpt) Oauth2Handler

NewCustom creates a handler for go-oauth2/oauth2 server

func NewDev

func NewDev(p Params) Oauth2Handler

NewDev makes dev oauth2 provider for admin user

func NewFacebook

func NewFacebook(p Params) Oauth2Handler

NewFacebook makes facebook oauth2 provider

func NewGithub

func NewGithub(p Params) Oauth2Handler

NewGithub makes github oauth2 provider

func NewGoogle

func NewGoogle(p Params) Oauth2Handler

NewGoogle makes google oauth2 provider

func NewMicrosoft

func NewMicrosoft(p Params) Oauth2Handler

NewMicrosoft makes microsoft azure oauth2 provider

func NewPatreon

func NewPatreon(p Params) Oauth2Handler

NewPatreon makes patreon oauth2 provider

func NewYandex

func NewYandex(p Params) Oauth2Handler

NewYandex makes yandex oauth2 provider

func (Oauth2Handler) AuthHandler

func (p Oauth2Handler) AuthHandler(w http.ResponseWriter, r *http.Request)

AuthHandler fills user info and redirects to "from" url. This is callback url redirected locally by browser GET /callback

func (Oauth2Handler) LoginHandler

func (p Oauth2Handler) LoginHandler(w http.ResponseWriter, r *http.Request)

LoginHandler - GET /login?from=redirect-back-url&[site|aud]=siteID&session=1&noava=1

func (Oauth2Handler) LogoutHandler

func (p Oauth2Handler) LogoutHandler(w http.ResponseWriter, r *http.Request)

LogoutHandler - GET /logout

func (Oauth2Handler) Name

func (p Oauth2Handler) Name() string

Name returns provider name

type Params

type Params struct {
	logger.L
	URL            string
	JwtService     TokenService
	Cid            string
	Csecret        string
	Issuer         string
	AvatarSaver    AvatarSaver
	UserAttributes UserAttributes
	OnFinishCb     func(*token.User) error // optional callback to call after successful login

	Port int    // relevant for providers supporting port customization, for example dev oauth2
	Host string // relevant for providers supporting host customization, for example dev oauth2
}

Params to make initialized and ready to use provider

type PrivateKeyLoaderInterface

type PrivateKeyLoaderInterface interface {
	LoadPrivateKey() ([]byte, error)
}

PrivateKeyLoaderInterface interface for implement custom loader for Apple private key from user source

type Provider

type Provider interface {
	Name() string
	LoginHandler(w http.ResponseWriter, r *http.Request)
	AuthHandler(w http.ResponseWriter, r *http.Request)
	LogoutHandler(w http.ResponseWriter, r *http.Request)
}

Provider defines interface for auth handler

type Sender

type Sender interface {
	Send(address, text string) error
}

Sender defines interface to send emails

type SenderFunc

type SenderFunc func(address, text string) error

SenderFunc type is an adapter to allow the use of ordinary functions as Sender.

func (SenderFunc) Send

func (f SenderFunc) Send(address, text string) error

Send calls f(address,text) to implement Sender interface

type Service

type Service struct {
	Provider
}

Service represents oauth2 provider. Adds Handler method multiplexing login, auth and logout requests

func NewService

func NewService(p Provider) Service

NewService makes service for given provider

func (Service) Handler

func (p Service) Handler(w http.ResponseWriter, r *http.Request)

Handler returns auth routes for given provider

type TelegramAPI

type TelegramAPI interface {
	GetUpdates(ctx context.Context) (*telegramUpdate, error)
	Avatar(ctx context.Context, userID int) (string, error)
	Send(ctx context.Context, id int, text string) error
	BotInfo(ctx context.Context) (*botInfo, error)
}

TelegramAPI is used for interacting with telegram API

func NewTelegramAPI

func NewTelegramAPI(token string, client *http.Client) TelegramAPI

NewTelegramAPI returns initialized TelegramAPI implementation

type TelegramHandler

type TelegramHandler struct {
	logger.L

	ProviderName         string
	ErrorMsg, SuccessMsg string

	TokenService TokenService
	AvatarSaver  AvatarSaver
	Telegram     TelegramAPI
	// contains filtered or unexported fields
}

TelegramHandler implements login via telegram

func (*TelegramHandler) AuthHandler

func (th *TelegramHandler) AuthHandler(_ http.ResponseWriter, _ *http.Request)

AuthHandler does nothing since we don't have any callbacks

func (*TelegramHandler) LoginHandler

func (th *TelegramHandler) LoginHandler(w http.ResponseWriter, r *http.Request)

LoginHandler generates and verifies login requests

func (*TelegramHandler) LogoutHandler

func (th *TelegramHandler) LogoutHandler(w http.ResponseWriter, _ *http.Request)

LogoutHandler - GET /logout

func (*TelegramHandler) Name

func (th *TelegramHandler) Name() string

Name of the provider

func (*TelegramHandler) ProcessUpdate

func (th *TelegramHandler) ProcessUpdate(ctx context.Context, textUpdate string) error

ProcessUpdate is alternative to Run, it processes provided plain text update from Telegram so that caller could get updates and send it not only there but to multiple sources

func (*TelegramHandler) Run

func (th *TelegramHandler) Run(ctx context.Context) error

Run starts processing login requests sent in Telegram Blocks caller

func (*TelegramHandler) String

func (th *TelegramHandler) String() string

String representation of the provider

type TokenService

type TokenService interface {
	Parse(tokenString string) (claims token.Claims, err error)
	Set(w http.ResponseWriter, claims token.Claims) (token.Claims, error)
	Get(r *http.Request) (claims token.Claims, token string, err error)
	Reset(w http.ResponseWriter)
}

TokenService defines interface accessing tokens

type UserAttributes

type UserAttributes map[string]string

type UserData

type UserData map[string]interface{}

UserData is type for user information returned from oauth2 providers /info API method

func (UserData) Value

func (u UserData) Value(key string) string

Value returns value for key or empty string if not found

type UserIDFunc

type UserIDFunc func(user string, r *http.Request) string

UserIDFunc allows to provide custom func making userID instead of the default based on user's name hash

type VerifTokenService

type VerifTokenService interface {
	Token(claims token.Claims) (string, error)
	Parse(tokenString string) (claims token.Claims, err error)
	IsExpired(claims token.Claims) bool
	Set(w http.ResponseWriter, claims token.Claims) (token.Claims, error)
	Reset(w http.ResponseWriter)
}

VerifTokenService defines interface accessing tokens

type VerifyHandler

type VerifyHandler struct {
	logger.L
	ProviderName string
	TokenService VerifTokenService
	Issuer       string
	AvatarSaver  AvatarSaver
	Sender       Sender
	Template     string
	UseGravatar  bool
}

VerifyHandler implements non-oauth2 provider authorizing users with some confirmation. can be email, IM or anything else implementing Sender interface

func (VerifyHandler) AuthHandler

func (e VerifyHandler) AuthHandler(http.ResponseWriter, *http.Request)

AuthHandler doesn't do anything for direct login as it has no callbacks

func (VerifyHandler) LoginHandler

func (e VerifyHandler) LoginHandler(w http.ResponseWriter, r *http.Request)

LoginHandler gets name and address from query, makes confirmation token and sends it to user. In case if confirmation token presented in the query uses it to create auth token

func (VerifyHandler) LogoutHandler

func (e VerifyHandler) LogoutHandler(w http.ResponseWriter, _ *http.Request)

LogoutHandler - GET /logout

func (VerifyHandler) Name

func (e VerifyHandler) Name() string

Name of the handler

Directories

Path Synopsis
Package sender provides email sender
Package sender provides email sender

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL