Documentation ¶
Overview ¶
Package `apple` implements the OAuth2 protocol for authenticating users through Apple. This package can be used as a reference implementation of an OAuth2 provider for goth.
Index ¶
- Constants
- func MakeSecret(sp SecretParams) (*string, error)
- type ID
- type IDTokenClaims
- type Provider
- func (p Provider) BeginAuth(state string) (goth.Session, error)
- func (p Provider) Client() *http.Client
- func (p Provider) ClientId() string
- func (Provider) Debug(bool)
- func (p Provider) FetchUser(session goth.Session) (goth.User, error)
- func (p Provider) Name() string
- func (p Provider) RedirectURL() string
- func (p Provider) RefreshToken(refreshToken string) (*oauth2.Token, error)
- func (Provider) RefreshTokenAvailable() bool
- func (p Provider) Secret() string
- func (p *Provider) SetName(name string)
- func (Provider) UnmarshalSession(data string) (goth.Session, error)
- type SecretParams
- type Session
Constants ¶
const ( ScopeEmail = "email" ScopeName = "name" AppleAudOrIss = "https://appleid.apple.com" )
Variables ¶
This section is empty.
Functions ¶
func MakeSecret ¶
func MakeSecret(sp SecretParams) (*string, error)
Types ¶
type IDTokenClaims ¶
type Provider ¶
type Provider struct {
// contains filtered or unexported fields
}
func (Provider) FetchUser ¶
Apple doesn't seem to provide a user profile endpoint like all the other providers do. Therefore this will return a User with the unique identifier obtained through authorization as the only identifying attribute. A full name and email can be obtained from the form post response (parameter 'user') to the redirect page following authentication, if the name and email scopes are requested. Additionally, if the response type is form_post and the email scope is requested, the email will be encoded into the ID token in the email claim.