oauth

package
v2.0.0+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 1, 2019 License: MIT Imports: 21 Imported by: 4

Documentation

Overview

Package oauth implements some helper wrappers on top of the existing Google implementation of OAuth.

Index

Constants

This section is empty.

Variables

// DefaultScopes is the default set of oauth scopes.
//
// It is an exported, mutable slice: any code that appends to it or rewrites
// an element changes the value seen by every other user of the package, so
// copy it before modifying.
var DefaultScopes = []string{"openid", "email", "profile"}

Functions

func SerializeState

func SerializeState(state State) (output string, err error)

SerializeState serializes the oauth state.

Types

type Any

// Any is an alias for interface{}, not a distinct type, so the two are interchangeable.
type Any = interface{}

Any is a loose type alias to interface{}

type Config

// Config holds the oauth manager settings. Each field carries json and yaml
// tags, and every field except Scopes also carries an env tag naming an
// environment variable.
//
// NOTE(review): Secret and ClientSecret are credentials, and their json/yaml
// tags mean they are emitted whenever a populated Config is marshaled; avoid
// logging or serializing a Config that has them set.
type Config struct {
	// Secret is an encryption key used to verify oauth state.
	// NOTE(review): GetSecret returns []byte, so this string is presumably an
	// encoded key; the encoding is not visible here — confirm before generating one.
	Secret string `json:"secret,omitempty" yaml:"secret,omitempty" env:"OAUTH_SECRET"`
	// RedirectURI is the oauth return url.
	RedirectURI string `json:"redirectURI,omitempty" yaml:"redirectURI,omitempty" env:"OAUTH_REDIRECT_URI"`
	// HostedDomain is a specific domain we want to filter identities to.
	// NOTE(review): what happens when this is empty (filtering skipped, or
	// validation failing) is not visible here — confirm before relying on it
	// as an access control.
	HostedDomain string `json:"hostedDomain,omitempty" yaml:"hostedDomain,omitempty" env:"OAUTH_HOSTED_DOMAIN"`

	// Scopes are the oauth scopes to authenticate with. The field has no env
	// tag, unlike the others.
	// NOTE(review): presumably DefaultScopes applies when this is empty — confirm.
	Scopes []string `json:"scopes,omitempty" yaml:"scopes,omitempty"`

	// ClientID is part of the oauth credential pair.
	ClientID string `json:"clientID,omitempty" yaml:"clientID,omitempty" env:"OAUTH_CLIENT_ID"`
	// ClientSecret is part of the oauth credential pair.
	// It is the confidential half of the pair; keep it out of source control and logs.
	ClientSecret string `json:"clientSecret,omitempty" yaml:"clientSecret,omitempty" env:"OAUTH_CLIENT_SECRET"`
}

Config is the config options.

func MustNewConfigFromEnv

func MustNewConfigFromEnv() *Config

MustNewConfigFromEnv returns a new config from the environment and panics if there is an error.

func NewConfigFromEnv

func NewConfigFromEnv() (*Config, error)

NewConfigFromEnv creates a new config from the environment.

func (Config) GetClientID

func (c Config) GetClientID(inherited ...string) string

GetClientID returns a property or a default.

func (Config) GetClientSecret

func (c Config) GetClientSecret(inherited ...string) string

GetClientSecret returns a property or a default.

func (Config) GetHostedDomain

func (c Config) GetHostedDomain(inherited ...string) string

GetHostedDomain returns a property or a default.

func (Config) GetRedirectURI

func (c Config) GetRedirectURI(inherited ...string) string

GetRedirectURI returns a property or a default.

func (Config) GetScopes

func (c Config) GetScopes(inherited ...[]string) []string

GetScopes gets oauth scopes to authenticate with.

func (Config) GetSecret

func (c Config) GetSecret(defaults ...[]byte) ([]byte, error)

GetSecret gets the secret if set or a default.

func (Config) IsZero

func (c Config) IsZero() bool

IsZero returns if the config is set or not.

type Error

// Error is a string-backed error type. The package's error constants are
// values of this type, so two of them are equal exactly when their text is equal.
type Error string

Error is an error string.

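// Error values returned by the package. Error is a string type, so two
// constants with the same text compare equal; every message here must
// therefore be unique for callers to tell the failures apart.
const (
	// ErrCodeMissing is returned if the code was missing from an oauth return request.
	// Its text names the code so that it does not compare equal to ErrStateMissing.
	ErrCodeMissing Error = "code missing from request"
	// ErrStateMissing is returned if the state was missing from an oauth return request.
	ErrStateMissing Error = "state missing from request"
	// ErrInvalidHostedDomain is an error returned if the JWT hosted zone doesn't match any of the whitelisted domains.
	ErrInvalidHostedDomain Error = "hosted domain validation failed"
	// ErrInvalidAntiforgeryToken is an error returned on oauth finish that indicates we didn't originate the auth request.
	ErrInvalidAntiforgeryToken Error = "invalid anti-forgery token"

	// ErrFailedCodeExchange happens if the code exchange for an access token fails.
	ErrFailedCodeExchange Error = "oauth code exchange failed"
	// ErrGoogleResponseStatus is an error that can occur when querying the google apis.
	ErrGoogleResponseStatus Error = "google returned a non 2xx response"

	// ErrProfileJSONUnmarshal is an error returned if the json unmarshal failed.
	ErrProfileJSONUnmarshal Error = "profile json unmarshal failed"

	// ErrSecretRequired is a configuration error indicating we did not provide a secret.
	ErrSecretRequired Error = "manager secret required"
	// ErrClientIDRequired is a self validation error.
	ErrClientIDRequired Error = "clientID is required"
	// ErrClientSecretRequired is a self validation error.
	ErrClientSecretRequired Error = "clientSecret is required"
	// ErrRedirectURIRequired is a self validation error.
	ErrRedirectURIRequired Error = "redirectURI is required"
	// ErrInvalidRedirectURI is an error in validating the redirect uri.
	ErrInvalidRedirectURI Error = "invalid redirectURI"
)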

func (Error) Error

func (e Error) Error() string

Error returns the error as a string.

type Labels

// Labels is an alias for map[string]string, not a distinct type.
type Labels = map[string]string

Labels is a loose type alias to map[string]string

type Manager

type Manager struct {
	// contains filtered or unexported fields
}

Manager is the oauth manager.

func Must

func Must(m *Manager, err error) *Manager

Must is a helper for handling NewFromEnv() and NewFromConfig().

func MustNewFromEnv

func MustNewFromEnv() *Manager

MustNewFromEnv returns a new manager from the environment and will panic if there is an error.

func New

func New() *Manager

New returns a new manager. By default it will error if you try and validate a profile. You must either enable `SkipDomainvalidation` or provide valid domains.

func NewFromConfig

func NewFromConfig(cfg *Config) (*Manager, error)

NewFromConfig returns a new oauth manager from a config.

func NewFromEnv

func NewFromEnv() (*Manager, error)

NewFromEnv returns a new manager from the environment.

func (*Manager) ClientID

func (m *Manager) ClientID() string

ClientID returns the client ID.

func (*Manager) ClientSecret

func (m *Manager) ClientSecret() string

ClientSecret returns a client secret.

func (*Manager) CreateState

func (m *Manager) CreateState(options ...StateOption) (state State)

CreateState creates auth state.

func (*Manager) FetchProfile

func (m *Manager) FetchProfile(ctx context.Context, accessToken string) (profile Profile, err error)

FetchProfile gets a google profile for an access token.

func (*Manager) Finish

func (m *Manager) Finish(r *http.Request) (result *Result, err error)

Finish processes the returned code, exchanging for an access token, and fetches the user profile.

func (*Manager) HostedDomain

func (m *Manager) HostedDomain() string

HostedDomain returns the hosted domain.

func (*Manager) OAuthURL

func (m *Manager) OAuthURL(r *http.Request, stateOptions ...StateOption) (oauthURL string, err error)

OAuthURL is the auth url for google with a given clientID. This is typically the link that a user will click on to start the auth process.

func (*Manager) RedirectURI

func (m *Manager) RedirectURI() string

RedirectURI returns the redirect URI.

func (*Manager) RequestDefaults

func (m *Manager) RequestDefaults() r2.Defaults

RequestDefaults returns the request defaults.

func (*Manager) Scopes

func (m *Manager) Scopes() []string

Scopes returns the oauth scopes.

func (*Manager) Secret

func (m *Manager) Secret() []byte

Secret returns the secret used to create state tokens.

func (*Manager) Tracer

func (m *Manager) Tracer() Tracer

Tracer returns the tracer.

func (*Manager) ValidateProfile

func (m *Manager) ValidateProfile(p *Profile) error

ValidateProfile validates a profile.

func (*Manager) ValidateState

func (m *Manager) ValidateState(state State) error

ValidateState validates oauth state.

func (*Manager) WithClientID

func (m *Manager) WithClientID(clientID string) *Manager

WithClientID sets the client id.

func (*Manager) WithClientSecret

func (m *Manager) WithClientSecret(clientSecret string) *Manager

WithClientSecret sets the client secret.

func (*Manager) WithHostedDomain

func (m *Manager) WithHostedDomain(hostedDomain string) *Manager

WithHostedDomain sets the hosted domain.

func (*Manager) WithRedirectURI

func (m *Manager) WithRedirectURI(redirectURI string) *Manager

WithRedirectURI sets the return url.

func (*Manager) WithScopes

func (m *Manager) WithScopes(scopes ...string) *Manager

WithScopes sets the oauth scopes.

func (*Manager) WithSecret

func (m *Manager) WithSecret(secret []byte) *Manager

WithSecret sets the secret used to create state tokens.

func (*Manager) WithTracer

func (m *Manager) WithTracer(tracer Tracer) *Manager

WithTracer sets the oauth manager tracer.

type Profile

// Profile is a profile with google. The json tags give the key each field
// is decoded from.
type Profile struct {
	ID            string `json:"id"`
	Email         string `json:"email"`
	// NOTE(review): whether ValidateProfile checks this flag is not visible
	// here; callers that key identity or authorization on Email should
	// confirm it is true first.
	VerifiedEmail bool   `json:"verified_email"`
	Name          string `json:"name"`
	GivenName     string `json:"given_name"`
	FamilyName    string `json:"family_name"`
	Link          string `json:"link"`
	Gender        string `json:"gender"`
	Locale        string `json:"locale"`
	// PictureURL is decoded from the "picture" key.
	PictureURL    string `json:"picture"`
}

Profile is a profile with google.

func (Profile) Username

func (p Profile) Username() string

Username returns the <username> component of a <username>@fqdn email address.

type Response

// Response is the response details from the oauth exchange.
//
// AccessToken and RefreshToken are bearer credentials: anyone holding them
// can act with the granted scopes, so keep them out of logs, traces and
// error messages.
type Response struct {
	// AccessToken is the access token obtained from the code exchange.
	AccessToken  string
	// TokenType is the token type reported alongside the access token.
	TokenType    string
	// RefreshToken is the refresh token, if one was issued.
	RefreshToken string
	// Expiry is presumably the time the access token stops being valid — confirm.
	Expiry       time.Time
}

Response is the response details from the oauth exchange.

type Result

// Result is the final result of the oauth exchange: the token response, the
// user profile and the state that accompanied the request.
//
// Because Response carries the access and refresh tokens, a Result should be
// handled as a secret and not logged or serialized wholesale.
type Result struct {
	// Response holds the tokens returned by the code exchange.
	Response Response
	// Profile is the profile of the authenticated user.
	Profile  Profile
	// State is the oauth state associated with the request.
	State    State
}

Result is the final result of the oauth exchange. It is the user profile of the user and the state information.

type State

// State is the oauth state. SerializeState and DeserializeState convert it
// to and from a string.
//
// NOTE(review): the oauth state parameter travels through the user's
// browser, so every field of a deserialized State is attacker-influenced
// until ValidateState has accepted it.
type State struct {
	// Token is a plaintext random token.
	Token string
	// SecureToken is the hashed version of the token.
	// If a key is set, it validates that our app created the oauth state.
	// NOTE(review): presumably a keyed hash of Token under the manager
	// secret; the algorithm and whether the comparison is constant-time are
	// not visible here — confirm.
	SecureToken string
	// RedirectURI is the redirect uri.
	// NOTE(review): whether this field is covered by SecureToken is not
	// visible here; check it against an allow-list before redirecting to it,
	// to avoid an open redirect.
	RedirectURI string
	// Extra includes other state you might need to encode.
	// NOTE(review): treat values read back from here as untrusted input and
	// do not place secrets in it; integrity coverage is not visible here.
	Extra map[string]interface{}
}

State is the oauth state.

func DeserializeState

func DeserializeState(raw string) (state State, err error)

DeserializeState deserializes the oauth state.

type StateOption added in v1.20201204.1

// StateOption is an option for state objects: a function that receives the
// *State to configure. CreateState and OAuthURL accept a variadic list of them.
type StateOption func(*State)

StateOption is an option for state objects

func OptExtra

func OptExtra(key string, value interface{}) StateOption

OptExtra sets an extra key/value pair on the state.

func OptRedirectURI added in v1.20201204.1

func OptRedirectURI(redirectURI string) StateOption

OptRedirectURI sets the redirect uri on the state.

func OptSecureToken

func OptSecureToken(secureToken string) StateOption

OptSecureToken sets the secure token on the state.

type TraceFinisher

// TraceFinisher is a finisher for a trace. A Tracer's Start method returns one.
type TraceFinisher interface {
	// Finish receives the request, the oauth result and the error.
	// NOTE(review): Result.Response holds the access and refresh tokens;
	// implementations should not write the Result to logs or span attributes.
	Finish(*http.Request, *Result, error)
}

TraceFinisher is a finisher for a trace.

type Tracer

// Tracer is a trace shim. It is installed on a Manager with WithTracer.
type Tracer interface {
	// Start receives the incoming request and returns the TraceFinisher for it.
	// NOTE(review): the request URL of an oauth return carries the code and
	// state query parameters; avoid recording the raw URL.
	Start(r *http.Request) TraceFinisher
}

Tracer is a trace shim.

type Values

// Values is an alias for map[string]interface{}, not a distinct type.
type Values = map[string]interface{}

Values is a loose type alias to map[string]interface{}
