oauth

package
v1.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 10, 2019 License: MIT Imports: 20 Imported by: 4

Documentation

Overview

Package oauth implements some helper wrappers on top of the existing google implementation of oauth.

Index

Constants

This section is empty.

Variables

// DefaultScopes is the default set of oauth scopes: openid, email and profile.
//
// It is an exported, mutable slice: code that needs a variation should copy it
// rather than append to or overwrite it in place.
var DefaultScopes = []string{"openid", "email", "profile"}

Functions

func SerializeState

func SerializeState(state State) (output string, err error)

SerializeState serializes the oauth state.

Types

type Any

// Any is a loose alias for interface{}; being an alias (declared with =), it is
// the same type as interface{}, not a distinct one.
type Any = interface{}

Any is a loose type alias to interface{}

type Config

// Config is the set of oauth options. Each field carries json and yaml tags,
// and every field except Scopes also carries an env tag naming an environment
// variable (presumably the one read by NewConfigFromEnv; confirm there).
//
// NOTE(review): Secret and ClientSecret are credentials held as plain strings
// with json / yaml tags, so marshalling or logging a populated Config writes
// them out. Treat a serialized Config as sensitive.
type Config struct {
	// Secret is an encryption key used to verify oauth state.
	// It is tagged omitempty: an empty value is left out of json / yaml output,
	// a non-empty value is still serialized.
	Secret string `json:"secret,omitempty" yaml:"secret,omitempty" env:"OAUTH_SECRET"`
	// RedirectURI is the oauth return url.
	RedirectURI string `json:"redirectURI" yaml:"redirectURI" env:"OAUTH_REDIRECT_URI"`
	// HostedDomain is a specific domain we want to filter identities to.
	// NOTE(review): how an empty value is treated is not visible in this
	// declaration; confirm against ValidateProfile before relying on it as an
	// access control.
	HostedDomain string `json:"hostedDomain" yaml:"hostedDomain" env:"OAUTH_HOSTED_DOMAIN"`

	// Scopes is the list of oauth scopes; it has no env tag, unlike the other fields.
	Scopes []string `json:"scopes" yaml:"scopes"`

	// ClientID is part of the oauth credential pair.
	ClientID string `json:"clientID" yaml:"clientID" env:"OAUTH_CLIENT_ID"`
	// ClientSecret is part of the oauth credential pair.
	// It is not tagged omitempty, so it is always present in json / yaml output.
	ClientSecret string `json:"clientSecret" yaml:"clientSecret" env:"OAUTH_CLIENT_SECRET"`
}

Config is the config options.

func MustNewConfigFromEnv

func MustNewConfigFromEnv() *Config

MustNewConfigFromEnv returns a new config from the environment and panics if there is an error.

func NewConfigFromEnv

func NewConfigFromEnv() (*Config, error)

NewConfigFromEnv creates a new config from the environment.

func (Config) GetClientID

func (c Config) GetClientID(inherited ...string) string

GetClientID returns a property or a default.

func (Config) GetClientSecret

func (c Config) GetClientSecret(inherited ...string) string

GetClientSecret returns a property or a default.

func (Config) GetHostedDomain

func (c Config) GetHostedDomain(inherited ...string) string

GetHostedDomain returns a property or a default.

func (Config) GetRedirectURI

func (c Config) GetRedirectURI(inherited ...string) string

GetRedirectURI returns a property or a default.

func (Config) GetScopes

func (c Config) GetScopes(inherited ...[]string) []string

GetScopes gets oauth scopes to authenticate with.

func (Config) GetSecret

func (c Config) GetSecret(defaults ...[]byte) ([]byte, error)

GetSecret gets the secret if set or a default.

func (Config) IsZero

func (c Config) IsZero() bool

IsZero returns if the config is set or not.

type Error

// Error is an error string. Because the underlying type is string, two Error
// values compare equal whenever their text is equal.
type Error string

Error is an error string.

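// Error values returned by the oauth manager and by config validation.
//
// Error is a string type, so two constants with the same text compare equal.
// Each constant therefore needs its own message for callers to be able to tell
// the failures apart.
const (
	// ErrCodeMissing is returned if the code was missing from an oauth return request.
	// Its text used to duplicate ErrStateMissing, which made the two errors
	// indistinguishable by comparison and in logs.
	ErrCodeMissing Error = "code missing from request"
	// ErrStateMissing is returned if the state was missing from an oauth return request.
	ErrStateMissing Error = "state missing from request"
	// ErrInvalidHostedDomain is an error returned if the JWT hosted domain doesn't match any of the allowed domains.
	ErrInvalidHostedDomain Error = "hosted domain validation failed"
	// ErrInvalidAntiforgeryToken is an error returned on oauth finish that indicates we didn't originate the auth request.
	ErrInvalidAntiforgeryToken Error = "invalid anti-forgery token"

	// ErrFailedCodeExchange happens if the code exchange for an access token fails.
	ErrFailedCodeExchange Error = "oauth code exchange failed"
	// ErrGoogleResponseStatus is an error that can occur when querying the google apis.
	ErrGoogleResponseStatus Error = "google returned a non 2xx response"

	// ErrProfileJSONUnmarshal is an error returned if the json unmarshal failed.
	ErrProfileJSONUnmarshal Error = "profile json unmarshal failed"

	// ErrSecretRequired is a configuration error indicating we did not provide a secret.
	ErrSecretRequired Error = "manager secret required"
	// ErrClientIDRequired is a self validation error.
	ErrClientIDRequired Error = "clientID is required"
	// ErrClientSecretRequired is a self validation error.
	ErrClientSecretRequired Error = "clientSecret is required"
	// ErrRedirectURIRequired is a self validation error.
	ErrRedirectURIRequired Error = "redirectURI is required"
	// ErrInvalidRedirectURI is an error in validating the redirect uri.
	ErrInvalidRedirectURI Error = "invalid redirectURI"
)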

func (Error) Error

func (e Error) Error() string

Error returns the error as a string.

type Labels

// Labels is a loose alias for map[string]string; being an alias, it is the same
// type as map[string]string, not a distinct one.
type Labels = map[string]string

Labels is a loose type alias to map[string]string

type Manager

// Manager is the oauth manager. Its fields are unexported and not shown in this
// listing; state is read and set through its methods.
type Manager struct {
	// contains filtered or unexported fields
}

Manager is the oauth manager.

func Must

func Must(m *Manager, err error) *Manager

Must is a helper for handling NewFromEnv() and NewFromConfig().

func MustNewFromEnv

func MustNewFromEnv() *Manager

MustNewFromEnv returns a new manager from the environment and will panic if there is an error.

func New

func New() *Manager

New returns a new manager. By default it will error if you try and validate a profile. You must either enable `SkipDomainvalidation` or provide valid domains.

func NewFromConfig

func NewFromConfig(cfg *Config) (*Manager, error)

NewFromConfig returns a new oauth manager from a config.

func NewFromEnv

func NewFromEnv() (*Manager, error)

NewFromEnv returns a new manager from the environment.

func (*Manager) ClientID

func (m *Manager) ClientID() string

ClientID returns a property.

func (*Manager) ClientSecret

func (m *Manager) ClientSecret() string

ClientSecret returns a client secret.

func (*Manager) CreateState

func (m *Manager) CreateState(redirect ...string) (state State)

CreateState creates auth state.

func (*Manager) FetchProfile

func (m *Manager) FetchProfile(ctx context.Context, accessToken string) (profile Profile, err error)

FetchProfile gets a google profile for an access token.

func (*Manager) Finish

func (m *Manager) Finish(r *http.Request) (result *Result, err error)

Finish processes the returned code, exchanging for an access token, and fetches the user profile.

func (*Manager) HostedDomain

func (m *Manager) HostedDomain() string

HostedDomain returns the hosted domain.

func (*Manager) OAuthURL

func (m *Manager) OAuthURL(r *http.Request, redirect ...string) (oauthURL string, err error)

OAuthURL is the auth url for google with a given clientID. This is typically the link that a user will click on to start the auth process.

func (*Manager) RedirectURI

func (m *Manager) RedirectURI() string

RedirectURI returns a property.

func (*Manager) RequestCreator

func (m *Manager) RequestCreator() *request.Factory

RequestCreator returns the request creator.

func (*Manager) Scopes

func (m *Manager) Scopes() []string

Scopes returns the oauth scopes.

func (*Manager) Secret

func (m *Manager) Secret() []byte

Secret returns a property

func (*Manager) Tracer

func (m *Manager) Tracer() Tracer

Tracer returns the tracer.

func (*Manager) ValidateProfile

func (m *Manager) ValidateProfile(p *Profile) error

ValidateProfile validates a profile.

func (*Manager) ValidateState

func (m *Manager) ValidateState(state State) error

ValidateState validates oauth state.

func (*Manager) WithClientID

func (m *Manager) WithClientID(clientID string) *Manager

WithClientID sets the client id.

func (*Manager) WithClientSecret

func (m *Manager) WithClientSecret(clientSecret string) *Manager

WithClientSecret sets the client secret.

func (*Manager) WithHostedDomain

func (m *Manager) WithHostedDomain(hostedDomain string) *Manager

WithHostedDomain sets the hosted domain.

func (*Manager) WithRedirectURI

func (m *Manager) WithRedirectURI(redirectURI string) *Manager

WithRedirectURI sets the return url.

func (*Manager) WithScopes

func (m *Manager) WithScopes(scopes ...string) *Manager

WithScopes sets the oauth scopes.

func (*Manager) WithSecret

func (m *Manager) WithSecret(secret []byte) *Manager

WithSecret sets the secret used to create state tokens.

func (*Manager) WithTracer

func (m *Manager) WithTracer(tracer Tracer) *Manager

WithTracer sets the oauth manager tracer.

type Profile

// Profile is a profile with google. The json tags give the field names used
// when a profile is marshalled or unmarshalled.
//
// NOTE(review): VerifiedEmail is carried as a separate flag next to Email.
// Whether ValidateProfile checks it is not visible in this declaration;
// confirm that before treating Email as a proven identity.
type Profile struct {
	ID            string `json:"id"`
	Email         string `json:"email"`
	VerifiedEmail bool   `json:"verified_email"`
	Name          string `json:"name"`
	GivenName     string `json:"given_name"`
	FamilyName    string `json:"family_name"`
	Link          string `json:"link"`
	Gender        string `json:"gender"`
	Locale        string `json:"locale"`
	PictureURL    string `json:"picture"` // json name is "picture", not "picture_url"
}

Profile is a profile with google.

func (Profile) Username

func (p Profile) Username() string

Username returns the <username>@fqdn component of the email address.

type Response

// Response is the response details from the oauth exchange.
//
// AccessToken and RefreshToken are bearer credentials held as plain strings;
// avoid logging, tracing or persisting a Response verbatim.
type Response struct {
	AccessToken  string
	TokenType    string
	RefreshToken string
	Expiry       time.Time
}

Response is the response details from the oauth exchange.

type Result

// Result is the final result of the oauth exchange: the token response, the
// user profile and the state information.
//
// Because it embeds a Response by value, a Result carries the access and
// refresh tokens and should be handled as sensitive data.
type Result struct {
	Response Response
	Profile  Profile
	State    State
}

Result is the final result of the oauth exchange. It is the user profile of the user and the state information.

type State

// State is the oauth state: an anti-forgery token pair plus a redirect url.
type State struct {
	// Token is a plaintext random token.
	Token string
	// SecureToken is the hashed version of the token.
	// If a key is set, it validates that our app created the oauth state.
	SecureToken string
	// RedirectURL is the redirect url.
	// NOTE(review): this declaration does not show whether the value is
	// validated when the state is checked; callers that redirect to it should
	// confirm it points at an expected destination first.
	RedirectURL string
}

State is the oauth state.

func DeserializeState

func DeserializeState(raw string) (state State, err error)

DeserializeState deserializes the oauth state.

type TraceFinisher

// TraceFinisher is a finisher for a trace.
type TraceFinisher interface {
	// Finish receives the request, the oauth result and the error.
	// The *Result includes the token Response, so implementations should not
	// record it wholesale.
	Finish(*http.Request, *Result, error)
}

TraceFinisher is a finisher for a trace.

type Tracer

// Tracer is a trace shim.
type Tracer interface {
	// Start is given the request and returns the TraceFinisher for that trace.
	Start(r *http.Request) TraceFinisher
}

Tracer is a trace shim.

type Values

// Values is a loose alias for map[string]interface{}; being an alias, it is the
// same type as map[string]interface{}, not a distinct one.
type Values = map[string]interface{}

Values is a loose type alias to map[string]interface{}
