Documentation
¶
Overview ¶
Package auth implements the OAuth authentication flows for sohop.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // ErrMissingCode is returned if authorization is attempted without an // authorization code. ErrMissingCode = errors.New("Missing authorization code.") // ErrMissingState is returned if the state param in the authorization // request doesn't match the state in the session. ErrMissingState = errors.New("Something unexpected happened. Please try again.") ErrUnauthorized = errors.New("Unauthorized.") // ErrMissingRedirectURL is returned when authorization is successful, but // we don't know where to send the user because there was no RedirectURL // in the session. ErrMissingRedirectURL = errors.New("Not sure where you were going.") )
Functions ¶
Types ¶
type Auther ¶
An Auther abstracts an OAuth flow for authenticating and authorizing access to handlers
type Config ¶
type Config struct {
// Type is the type of Auther. Supported types are: github-org,
// google-regex
Type string
// Config configures the Auther. The structure of this value varies
// depending on the auth type.
Config json.RawMessage
}
A Config can be used to create a new Auther
type GithubAuth ¶
type GithubAuth struct {
ClientID string
ClientSecret string
// OrgID is the ID of the org whose members are authorized. Run
// `curl https://api.github.com/orgs/:org` to get the id.
OrgID int
}
GithubAuth implements the Github OrgID middleware. Users must be logged into Github and be a member of the specified Org to be authorized.
To use, you'll need to create an application to use the Github API for authentication. Read https://developer.github.com/guides/basics-of-authentication/ to get an overview for how this works.
func (GithubAuth) Auth ¶
func (ga GithubAuth) Auth(code string) (string, error)
Auth is implemented so GithubAuth satisfies the Auther interface.
func (GithubAuth) OAuthConfig ¶
func (ga GithubAuth) OAuthConfig() *oauth2.Config
OAuthConfig is implemented so GithubAuth satisfies the Auther interface.
type GoogleAuth ¶
type GoogleAuth struct {
// contains filtered or unexported fields
}
GoogleAuth implements the Google Email Regex middleware. Users must be logged into Google and their verified email must match the configured regex.
The configuration format is described by https://godoc.org/github.com/davars/sohop/auth#GoogleAuthConfig
func (GoogleAuth) Auth ¶
func (ga GoogleAuth) Auth(code string) (string, error)
Auth is implemented so GoogleAuth satisfies the Auther interface.
func (GoogleAuth) OAuthConfig ¶
func (ga GoogleAuth) OAuthConfig() *oauth2.Config
OAuthConfig is implemented so GoogleAuth satisfies the Auther interface.
func (*GoogleAuth) UnmarshalJSON ¶
func (ga *GoogleAuth) UnmarshalJSON(data []byte) error
UnmarshalJSON populates a GoogleAuth from JSON. First the data is loaded into a GoogleAuthConfig. An oauth2.Config is created from the Credentials field, and EmailRegex is compiled.
type GoogleAuthConfig ¶
type GoogleAuthConfig struct {
// Credentials is an object in the same format as can be downloaded from the
// Google Developers Console.
Credentials json.RawMessage
// EmailRegex is run against incoming verified email addresses. Users
// whose email matches are authorized. Be careful, and keep it simple.
EmailRegex string
}
GoogleAuthConfig is used to configure a GoogleAuth. The Credentials format described at https://godoc.org/golang.org/x/oauth2/google#ConfigFromJSON
Source Files