Documentation ¶
Index ¶
- Constants
- Variables
- func DetectAzureIDTokenIssuer(ctx context.Context, idToken string) (string, error)
- func GetName(name linkedinName) string
- func IsAzureIssuer(issuer string) bool
- func OverrideGoogleProvider(issuer, userInfo string)
- func ResetGoogleProvider()
- type AppleIDTokenClaims
- type AppleProvider
- func (p AppleProvider) AuthCodeURL(state string, args ...oauth2.AuthCodeOption) string
- func (p AppleProvider) GetOAuthToken(code string) (*oauth2.Token, error)
- func (p AppleProvider) GetUserData(ctx context.Context, tok *oauth2.Token) (*UserProvidedData, error)
- func (p AppleProvider) ParseUser(data string, userData *UserProvidedData) error
- type AzureIDTokenClaims
- type Claims
- type Email
- type HTTPError
- type IsPrivateEmail
- type KakaoIDTokenClaims
- type LinkedinIDTokenClaims
- type OAuthProvider
- func NewAppleProvider(ctx context.Context, ext conf.OAuthProviderConfiguration) (OAuthProvider, error)
- func NewAzureProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
- func NewBitbucketProvider(ext conf.OAuthProviderConfiguration) (OAuthProvider, error)
- func NewDiscordProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
- func NewFacebookProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
- func NewFigmaProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
- func NewFlyProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
- func NewGithubProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
- func NewGitlabProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
- func NewGoogleProvider(ctx context.Context, ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
- func NewKakaoProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
- func NewKeycloakProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
- func NewLinkedinOIDCProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
- func NewLinkedinProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
- func NewNotionProvider(ext conf.OAuthProviderConfiguration) (OAuthProvider, error)
- func NewSlackProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
- func NewSpotifyProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
- func NewTwitchProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
- func NewTwitterProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
- func NewWorkOSProvider(ext conf.OAuthProviderConfiguration) (OAuthProvider, error)
- func NewZoomProvider(ext conf.OAuthProviderConfiguration) (OAuthProvider, error)
- type ParseIDTokenOptions
- type Provider
- type TwitterProvider
- func (t *TwitterProvider) AuthCodeURL(state string, args ...oauth2.AuthCodeOption) string
- func (t TwitterProvider) FetchUserData(ctx context.Context, tok *oauth.AccessToken) (*UserProvidedData, error)
- func (t TwitterProvider) GetOAuthToken(_ string) (*oauth2.Token, error)
- func (t TwitterProvider) GetUserData(ctx context.Context, tok *oauth2.Token) (*UserProvidedData, error)
- func (t TwitterProvider) Marshal() string
- func (t TwitterProvider) Unmarshal(data string) (*oauth.RequestToken, error)
- type UserProvidedData
Constants ¶
// IssuerApple is the issuer URL for Apple.
// NOTE(review): presumably compared against the iss claim of Apple ID tokens — confirm at the call site.
const IssuerApple = "https://appleid.apple.com"

// IssuerAzureCommon is the issuer URL of Azure's "common" endpoint.
// NOTE(review): the path segment is the literal "common", not a tenant ID.
// Tokens obtained through a multi-tenant endpoint normally carry a
// tenant-specific iss, so a plain string comparison against this constant is
// unlikely to be a sufficient issuer check. This is presumably why the package
// also exposes IsAzureIssuer and DetectAzureIDTokenIssuer; confirm how they
// constrain the tenant.
const IssuerAzureCommon = "https://login.microsoftonline.com/common/v2.0"

// IssuerAzureMicrosoft is an Azure issuer URL whose path carries a fixed GUID
// rather than a "common" or "organizations" placeholder.
const IssuerAzureMicrosoft = "https://login.microsoftonline.com/9188040d-6c67-4c5b-b112-36a304b66dad/v2.0"
IssuerAzureMicrosoft is the OIDC issuer for microsoft.com accounts: https://learn.microsoft.com/en-us/azure/active-directory/develop/id-token-claims-reference#payload-claims
// IssuerAzureOrganizations is the issuer URL of Azure's "organizations" endpoint.
// NOTE(review): like the "common" issuer, the path holds a placeholder instead
// of a tenant ID, so the iss of a real token is not expected to equal this
// string byte for byte — confirm how callers validate the tenant.
const IssuerAzureOrganizations = "https://login.microsoftonline.com/organizations/v2.0"

// IssuerFacebook is the issuer URL for Facebook.
const IssuerFacebook = "https://www.facebook.com"

// IssuerGoogle is the issuer URL for Google.
// NOTE(review): OverrideGoogleProvider takes an issuer argument, so tests
// presumably substitute a different value at run time — confirm this constant
// is what production code verifies against.
const IssuerGoogle = "https://accounts.google.com"

// IssuerKakao is the issuer URL for Kakao.
const (
	IssuerKakao = "https://kauth.kakao.com"
)

// IssuerLinkedin is the issuer URL for Linkedin.
const (
	IssuerLinkedin = "https://www.linkedin.com"
)

// UserInfoEndpointGoogle is the Google userinfo endpoint URL.
// NOTE(review): OverrideGoogleProvider also takes a userInfo argument, which
// presumably replaces this endpoint in tests — confirm.
const UserInfoEndpointGoogle = "https://www.googleapis.com/userinfo/v2/me"
Variables ¶
// OverrideClock is a package-level, mutable hook holding a clock function.
// NOTE(review): when non-nil it presumably replaces the wall clock for
// time-based ID-token checks, so a value left set outside tests could make
// expired tokens look current — confirm no non-test code path assigns it.
var OverrideClock func() time.Time
OverrideClock sets a custom clock function that is used when parsing ID tokens. It should only be used in tests.
// OverrideVerifiers is a package-level, mutable map from a string key to a
// factory that builds an *oidc.IDTokenVerifier from a context and *oidc.Config.
// An entry substitutes a caller-supplied verifier for a provider, so anything
// registered here decides which ID tokens are accepted for that provider.
// NOTE(review): it is a plain map with no visible synchronisation — presumably
// written only during test setup; confirm nothing populates it in production
// builds.
var OverrideVerifiers = make(map[string]func(context.Context, *oidc.Config) *oidc.IDTokenVerifier)
OverrideVerifiers can be used to set a custom verifier for an OIDC provider (identified by the provider's Endpoint().AuthURL string). Should only be used in tests.
Functions ¶
func IsAzureIssuer ¶
func OverrideGoogleProvider ¶
func OverrideGoogleProvider(issuer, userInfo string)
OverrideGoogleProvider should only be used in tests!
func ResetGoogleProvider ¶
func ResetGoogleProvider()
ResetGoogleProvider should only be used in tests!
Types ¶
type AppleIDTokenClaims ¶
// AppleIDTokenClaims is the claim set for an Apple ID token: the embedded
// jwt.StandardClaims plus the email, auth_time and is_private_email claims.
type AppleIDTokenClaims struct {
	jwt.StandardClaims

	Email string `json:"email"`

	// AuthTime is a pointer, so a token without auth_time leaves it nil when
	// decoded with encoding/json; callers must nil-check before dereferencing.
	AuthTime *float64 `json:"auth_time"`
	// IsPrivateEmail uses the package's IsPrivateEmail type, which has its own
	// UnmarshalJSON; nil when the claim is absent.
	IsPrivateEmail *IsPrivateEmail `json:"is_private_email"`
}
type AppleProvider ¶
AppleProvider stores the custom config for the Apple provider.
func (AppleProvider) AuthCodeURL ¶
func (p AppleProvider) AuthCodeURL(state string, args ...oauth2.AuthCodeOption) string
func (AppleProvider) GetOAuthToken ¶
func (p AppleProvider) GetOAuthToken(code string) (*oauth2.Token, error)
GetOAuthToken returns the apple provider access token
func (AppleProvider) GetUserData ¶
func (p AppleProvider) GetUserData(ctx context.Context, tok *oauth2.Token) (*UserProvidedData, error)
GetUserData returns the user data fetched from the apple provider
func (AppleProvider) ParseUser ¶
func (p AppleProvider) ParseUser(data string, userData *UserProvidedData) error
ParseUser parses the apple user's info
type AzureIDTokenClaims ¶
// AzureIDTokenClaims is the claim set for an Azure ID token: the embedded
// jwt.StandardClaims plus email, name, preferred_username and xms_edov.
type AzureIDTokenClaims struct {
	jwt.StandardClaims

	Email             string `json:"email"`
	Name              string `json:"name"`
	PreferredUsername string `json:"preferred_username"`

	// xms_edov is Microsoft's optional "email domain owner verified" claim.
	// The field is declared as any, so the decoded value is not guaranteed to
	// be a bool.
	// NOTE(review): IsEmailVerified presumably interprets this field — confirm
	// that a missing, null or unexpectedly typed value is treated as
	// unverified, since an unverified email claim must not be relied on to
	// match or link accounts.
	XMicrosoftEmailDomainOwnerVerified any `json:"xms_edov"`
}
func (*AzureIDTokenClaims) IsEmailVerified ¶
func (c *AzureIDTokenClaims) IsEmailVerified() bool
type Claims ¶
// Claims is the normalised claim set for a user: reserved token claims, the
// default profile claims, a map of provider-specific extras, and a group of
// legacy fields marked for deprecation. Every field carries both a json and a
// structs tag.
type Claims struct {
	// Reserved claims
	Issuer  string  `json:"iss,omitempty" structs:"iss,omitempty"`
	Subject string  `json:"sub,omitempty" structs:"sub,omitempty"`
	Aud     string  `json:"aud,omitempty" structs:"aud,omitempty"`
	Iat     float64 `json:"iat,omitempty" structs:"iat,omitempty"`
	Exp     float64 `json:"exp,omitempty" structs:"exp,omitempty"`

	// Default profile claims
	Name              string `json:"name,omitempty" structs:"name,omitempty"`
	FamilyName        string `json:"family_name,omitempty" structs:"family_name,omitempty"`
	GivenName         string `json:"given_name,omitempty" structs:"given_name,omitempty"`
	MiddleName        string `json:"middle_name,omitempty" structs:"middle_name,omitempty"`
	NickName          string `json:"nickname,omitempty" structs:"nickname,omitempty"`
	PreferredUsername string `json:"preferred_username,omitempty" structs:"preferred_username,omitempty"`
	Profile           string `json:"profile,omitempty" structs:"profile,omitempty"`
	Picture           string `json:"picture,omitempty" structs:"picture,omitempty"`
	Website           string `json:"website,omitempty" structs:"website,omitempty"`
	Gender            string `json:"gender,omitempty" structs:"gender,omitempty"`
	Birthdate         string `json:"birthdate,omitempty" structs:"birthdate,omitempty"`
	ZoneInfo          string `json:"zoneinfo,omitempty" structs:"zoneinfo,omitempty"`
	Locale            string `json:"locale,omitempty" structs:"locale,omitempty"`
	UpdatedAt         string `json:"updated_at,omitempty" structs:"updated_at,omitempty"`
	Email             string `json:"email,omitempty" structs:"email,omitempty"`
	// The two *Verified flags are plain bools, so "absent" and "false" are
	// indistinguishable after decoding. Their structs tags deliberately lack
	// omitempty, unlike every other field, so a false value is still emitted
	// by whatever consumes the structs tag, while the json encoding drops it.
	EmailVerified bool   `json:"email_verified,omitempty" structs:"email_verified"`
	Phone         string `json:"phone,omitempty" structs:"phone,omitempty"`
	PhoneVerified bool   `json:"phone_verified,omitempty" structs:"phone_verified"`

	// Custom profile claims that are provider specific
	// NOTE(review): values are untyped (interface{}) and presumably come
	// straight from the external provider — confirm consumers type-check them
	// before use.
	CustomClaims map[string]interface{} `json:"custom_claims,omitempty" structs:"custom_claims,omitempty"`

	// TODO: Deprecate in next major release
	FullName    string `json:"full_name,omitempty" structs:"full_name,omitempty"`
	AvatarURL   string `json:"avatar_url,omitempty" structs:"avatar_url,omitempty"`
	Slug        string `json:"slug,omitempty" structs:"slug,omitempty"`
	ProviderId  string `json:"provider_id,omitempty" structs:"provider_id,omitempty"`
	UserNameKey string `json:"user_name,omitempty" structs:"user_name,omitempty"`
}
type Email ¶
Email is a struct that provides information on whether an email is verified or is the primary email address
type HTTPError ¶
// HTTPError is an error value with a JSON-serialisable public part (code, msg,
// error_id) and an internal part that is excluded from JSON output.
type HTTPError struct {
	Code    int    `json:"code"`
	Message string `json:"msg"`
	// InternalError and InternalMessage are tagged json:"-", so encoding/json
	// never writes them into a response body; keep provider or stack details
	// here rather than in Message.
	InternalError   error  `json:"-"`
	InternalMessage string `json:"-"`
	ErrorID         string `json:"error_id,omitempty"`
}
func (*HTTPError) WithInternalError ¶
WithInternalError adds internal error information to the error
func (*HTTPError) WithInternalMessage ¶
WithInternalMessage adds internal message information to the error
type IsPrivateEmail ¶
// IsPrivateEmail is a bool with a custom UnmarshalJSON method (declared on the
// pointer receiver), used for Apple's is_private_email claim.
type IsPrivateEmail bool
func (*IsPrivateEmail) UnmarshalJSON ¶
func (b *IsPrivateEmail) UnmarshalJSON(data []byte) error
Apple returns an is_private_email field that can be either a string or a boolean value, so a custom unmarshaler is needed. See https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api/authenticating_users_with_sign_in_with_apple
type KakaoIDTokenClaims ¶
// KakaoIDTokenClaims is the claim set for a Kakao ID token: the embedded
// jwt.StandardClaims plus the email, nickname and picture claims.
// NOTE(review): no email-verification claim is declared here — confirm how
// callers decide whether a Kakao email is verified.
type KakaoIDTokenClaims struct {
	jwt.StandardClaims

	Email    string `json:"email"`
	Nickname string `json:"nickname"`
	Picture  string `json:"picture"`
}
type LinkedinIDTokenClaims ¶
type OAuthProvider ¶
// OAuthProvider is the method set every constructor in this package returns.
// Parameter names are omitted here; the AppleProvider and TwitterProvider
// implementations name them state, ctx/tok and code respectively.
type OAuthProvider interface {
	// AuthCodeURL returns a URL string built from a state value and optional
	// oauth2.AuthCodeOption arguments.
	// NOTE(review): state is presumably the CSRF-binding value for the
	// redirect — confirm the caller generates it unpredictably and checks it
	// on callback.
	AuthCodeURL(string, ...oauth2.AuthCodeOption) string
	// GetUserData takes an *oauth2.Token and returns the provider's user data.
	GetUserData(context.Context, *oauth2.Token) (*UserProvidedData, error)
	// GetOAuthToken takes a single string (named code in AppleProvider) and
	// returns an *oauth2.Token.
	GetOAuthToken(string) (*oauth2.Token, error)
}
OAuthProvider specifies additional methods needed for providers using OAuth
func NewAppleProvider ¶
func NewAppleProvider(ctx context.Context, ext conf.OAuthProviderConfiguration) (OAuthProvider, error)
NewAppleProvider creates an Apple account provider.
func NewAzureProvider ¶
func NewAzureProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
NewAzureProvider creates an Azure account provider.
func NewBitbucketProvider ¶
func NewBitbucketProvider(ext conf.OAuthProviderConfiguration) (OAuthProvider, error)
NewBitbucketProvider creates a Bitbucket account provider.
func NewDiscordProvider ¶
func NewDiscordProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
NewDiscordProvider creates a Discord account provider.
func NewFacebookProvider ¶
func NewFacebookProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
NewFacebookProvider creates a Facebook account provider.
func NewFigmaProvider ¶
func NewFigmaProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
NewFigmaProvider creates a Figma account provider.
func NewFlyProvider ¶
func NewFlyProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
NewFlyProvider creates a Fly oauth provider.
func NewGithubProvider ¶
func NewGithubProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
NewGithubProvider creates a Github account provider.
func NewGitlabProvider ¶
func NewGitlabProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
NewGitlabProvider creates a Gitlab account provider.
func NewGoogleProvider ¶
func NewGoogleProvider(ctx context.Context, ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
NewGoogleProvider creates a Google OAuth2 identity provider.
func NewKakaoProvider ¶
func NewKakaoProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
func NewKeycloakProvider ¶
func NewKeycloakProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
NewKeycloakProvider creates a Keycloak account provider.
func NewLinkedinOIDCProvider ¶
func NewLinkedinOIDCProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
NewLinkedinOIDCProvider creates a Linkedin account provider via OIDC.
func NewLinkedinProvider ¶
func NewLinkedinProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
NewLinkedinProvider creates a Linkedin account provider.
func NewNotionProvider ¶
func NewNotionProvider(ext conf.OAuthProviderConfiguration) (OAuthProvider, error)
NewNotionProvider creates a Notion account provider.
func NewSlackProvider ¶
func NewSlackProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
NewSlackProvider creates a Slack account provider.
func NewSpotifyProvider ¶
func NewSpotifyProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
NewSpotifyProvider creates a Spotify account provider.
func NewTwitchProvider ¶
func NewTwitchProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
NewTwitchProvider creates a Twitch account provider.
func NewTwitterProvider ¶
func NewTwitterProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error)
NewTwitterProvider creates a Twitter account provider.
func NewWorkOSProvider ¶
func NewWorkOSProvider(ext conf.OAuthProviderConfiguration) (OAuthProvider, error)
NewWorkOSProvider creates a WorkOS account provider.
func NewZoomProvider ¶
func NewZoomProvider(ext conf.OAuthProviderConfiguration) (OAuthProvider, error)
NewZoomProvider creates a Zoom account provider.
type ParseIDTokenOptions ¶
type Provider ¶
// Provider is the minimal provider method set: it declares only AuthCodeURL,
// with the same signature as the AuthCodeURL method of OAuthProvider.
type Provider interface {
	// AuthCodeURL returns a URL string built from a string argument (named
	// state in the implementations shown) and optional oauth2.AuthCodeOption
	// arguments.
	AuthCodeURL(string, ...oauth2.AuthCodeOption) string
}
Provider is an interface for interacting with external account providers
type TwitterProvider ¶
// TwitterProvider holds the configuration and per-flow state for the Twitter
// provider, which uses the oauth (OAuth 1.0) package types rather than oauth2.
// NOTE(review): AuthCodeURL is declared on *TwitterProvider while the other
// methods use value receivers, so anything AuthCodeURL stores on the struct is
// only visible to later calls made through the same pointer — confirm callers
// do not copy the value in between.
type TwitterProvider struct {
	ClientKey string
	// Secret is exported and sits next to non-sensitive configuration.
	// NOTE(review): presumably the OAuth consumer secret — confirm the struct
	// is never logged or serialised whole.
	Secret      string
	CallbackURL string
	AuthURL     string
	// RequestToken is what Marshal encodes and Unmarshal decodes, according to
	// their doc comments.
	RequestToken  *oauth.RequestToken
	OauthVerifier string
	Consumer      *oauth.Consumer
	UserInfoURL   string
}
TwitterProvider stores the custom config for the Twitter provider.
func (*TwitterProvider) AuthCodeURL ¶
func (t *TwitterProvider) AuthCodeURL(state string, args ...oauth2.AuthCodeOption) string
AuthCodeURL fetches the request token from the twitter provider
func (TwitterProvider) FetchUserData ¶
func (t TwitterProvider) FetchUserData(ctx context.Context, tok *oauth.AccessToken) (*UserProvidedData, error)
FetchUserData retrieves the user's data from the twitter provider
func (TwitterProvider) GetOAuthToken ¶
func (t TwitterProvider) GetOAuthToken(_ string) (*oauth2.Token, error)
GetOAuthToken is a stub method for the OAuthProvider interface; it is unused in the OAuth 1.0 protocol.
func (TwitterProvider) GetUserData ¶
func (t TwitterProvider) GetUserData(ctx context.Context, tok *oauth2.Token) (*UserProvidedData, error)
GetUserData is a stub method for the OAuthProvider interface; it is unused in the OAuth 1.0 protocol.
func (TwitterProvider) Marshal ¶
func (t TwitterProvider) Marshal() string
Marshal encodes the twitter request token
func (TwitterProvider) Unmarshal ¶
func (t TwitterProvider) Unmarshal(data string) (*oauth.RequestToken, error)
Unmarshal decodes the twitter request token
type UserProvidedData ¶
UserProvidedData is a struct that contains the user's data returned from the oauth provider