oauth2

package module
v0.0.0-...-d948c6c Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 3, 2014 License: Apache-2.0 Imports: 9 Imported by: 0

README

oauth2 wercker status

Allows your Martini application to support user login via an OAuth 2.0 backend. Requires sessions middleware. Google, Facebook, LinkedIn and Github sign-in are currently supported. Once endpoints are provided, this middleware can work with any OAuth 2.0 backend.

Usage

package main

import (
  "github.com/go-martini/martini"
  "github.com/martini-contrib/oauth2"
  "github.com/martini-contrib/sessions"
)

func main() {
  m := martini.Classic()
  m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123"))))
  m.Use(oauth2.Google(&oauth2.Options{
    ClientId:     "client_id",
    ClientSecret: "client_secret",
    RedirectURL:  "redirect_url",
    Scopes:       []string{"https://www.googleapis.com/auth/drive"},
  }))

  // Tokens are injected to the handlers
  m.Get("/", func(tokens oauth2.Tokens) string {
    if tokens.IsExpired() {
      return "not logged in, or the access token is expired"
    }
    return "logged in"
  })

  // Routes that require a logged in user
  // can be protected with oauth2.LoginRequired handler.
  // If the user is not authenticated, they will be
  // redirected to the login path.
  m.Get("/restrict", oauth2.LoginRequired, func(tokens oauth2.Tokens) string {
    return tokens.Access()
  })

  m.Run()
}

If a route requires login, you can add oauth2.LoginRequired to the handler chain. If user is not logged, they will be automatically redirected to the login path.

m.Get("/login-required", oauth2.LoginRequired, func() ...)

Auth flow

  • /login will redirect user to the OAuth 2.0 provider's permissions dialog. If there is a next query param provided, user is redirected to the next page afterwards.
  • If user agrees to connect, OAuth 2.0 provider will redirect to /oauth2callback to let your app to make the handshake. You need to register /oauth2callback as a Redirect URL in your application settings.
  • /logout will log the user out. If there is a next query param provided, user is redirected to the next page afterwards.

You can customize the login, logout, oauth2callback and error paths:

oauth2.PathLogin = "/oauth2login"
oauth2.PathLogout = "/oauth2logout"
...

Authors

Documentation

Overview

Package oauth2 contains Martini handlers to provide user login via an OAuth 2.0 backend.

Index

Constants

This section is empty.

Variables

View Source
var (
	// Path to handle OAuth 2.0 logins.
	PathLogin = "/login"
	// Path to handle OAuth 2.0 logouts.
	PathLogout = "/logout"
	// Path to handle callback from OAuth 2.0 backend
	// to exchange credentials.
	PathCallback = "/oauth2callback"
	// Path to handle error cases.
	PathError = "/oauth2error"
)
View Source
var LoginRequired martini.Handler = func() martini.Handler {
	return func(s sessions.Session, c martini.Context, w http.ResponseWriter, r *http.Request) {
		token := unmarshallToken(s)
		if token == nil || token.IsExpired() {
			next := url.QueryEscape(r.URL.RequestURI())
			http.Redirect(w, r, PathLogin+"?next="+next, codeRedirect)
		}
	}
}()

Handler that redirects user to the login page if user is not logged in. Sample usage: m.Get("/login-required", oauth2.LoginRequired, func() ... {})

Functions

func Facebook

func Facebook(opts *Options) martini.Handler

func Github

func Github(opts *Options) martini.Handler

Returns a new Github OAuth 2.0 backend endpoint.

func Google

func Google(opts *Options) martini.Handler

Returns a new Google OAuth 2.0 backend endpoint.

func LinkedIn

func LinkedIn(opts *Options) martini.Handler

func NewOAuth2Provider

func NewOAuth2Provider(opts *Options) martini.Handler

Returns a generic OAuth 2.0 backend endpoint.

Types

type Options

type Options struct {
	ClientId     string
	ClientSecret string
	RedirectURL  string
	Scopes       []string

	AuthUrl  string
	TokenUrl string
}

Represents OAuth2 backend options.

type Tokens

type Tokens interface {
	Access() string
	Refresh() string
	IsExpired() bool
	ExpiryTime() time.Time
	ExtraData() map[string]string
}

Represents a container that contains user's OAuth 2.0 access and refresh tokens.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL