oauth2

package module

v0.2.5 Latest Latest Go to latest Published: Jul 13, 2023 License: BSD-3-Clause Imports: 12 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/bsurc/oauth2

Links

Open Source Insights

README ¶

oauth2

OAuth2 web handler for Google/BSU

Documentation ¶

Index ¶

Constants
type Client
- func NewClient(c Config) (*Client, error)
type Config
type OAuthCtxKey

Constants ¶

View Source

const (

	// BSUEmail is a valid regexp for any BSU address
	BSUEmail = `^.+@(u\.)?boisestate.edu$`
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Client ¶

type Client struct {

	// When checking the whitelist governed by Grant/Revoke, check using
	// ToLower()
	CI bool
	// contains filtered or unexported fields
}

Client supplies the ability to authenticate via OAuth2 on Google, but more specifically for BSU people through Google. Access for specific users can be added, or using a regular expression.

func NewClient ¶

func NewClient(c Config) (*Client, error)

NewClient returns a client that has two helper functions, one is an AuthHandler with needs to be installed at the same address as redirect, the other is a Shim that checks for valid credentials and rejects the unauthorized users. If the regex is set, the email of the user must match it. Explicit Google or BSU emails can be set using Grant/Revoke.

TODO(kyle): show Auth and Shim examples

func (*Client) AuthHandler ¶

func (c *Client) AuthHandler(w http.ResponseWriter, r *http.Request)

AuthHandler

func (*Client) Email ¶

func (c *Client) Email(r *http.Request) string

Email returns the email that is associated with the session passed in.

We'd like to expose who is has a valid session, but I don't like this. Fix it.

func (*Client) Grant ¶

func (c *Client) Grant(email string)

Grant allows the user with the supplied email access

func (*Client) HTTPClient ¶

func (c *Client) HTTPClient(r *http.Request) *http.Client

func (*Client) Revoke ¶

func (c *Client) Revoke(email string)

Revoke removes the user with the supplied email from the whitelist

func (*Client) ShimHandler ¶

func (c *Client) ShimHandler(h http.Handler) http.Handler

ShimHandler

type Config ¶

type Config struct {
	// Token is the google OAuth2 client id
	Token string
	// Secret is the google OAuth2 client secret
	Secret string
	// RedirectURL is the URL to redirect to after authentication
	RedirectURL string
	// Regexp is the regular expression string that emails must match for access
	Regexp string
	// Scopes are the OAuth2 scopes.  The email scope is always set.
	Scopes []string
	// Cookie name is the name of the cookie that stores session information
	CookieName string
}

Config holds the information necessary to create a new client

type OAuthCtxKey ¶ added in v0.2.0

type OAuthCtxKey string

Source Files ¶

View all Source files

oauth2.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL