README
¶
oauth2cli 
This is a Go package for authorization in a command line interface (CLI) application. It allows intuitive user interaction using OAuth 2.0 Authorization Code Grant and the local server.
See the example for more.
Why
When we implement the OAuth 2.0 Authorization Code Grant in a CLI application, it should be complicated user interaction. For example,
- User runs the command on a terminal.
- User opens the URL shown on the command.
- User logs in to the provider.
- User copies the code shown on the browser.
- User pastes the code on the terminal.
- User can access to the API using the token.
By using oauth2cli, user interaction is very simple and easy. For example,
- User runs the command on a terminal.
- The command opens the browser.
- User logs in to the provider.
- The command gets a token from the provider.
- User can access to the API using the token.
How it works
oauth2cli performs the following steps:
- Start a local server at the port.
- Send the URL of the local server to the channel. You can open a browser and navigate it to the URL.
- Wait for the user authorization.
- Receive a code via an authorization response (HTTP redirect).
- Exchange the code and a token.
- Return the code.
Contributions
This is an open source software licensed under Apache 2.0. Feel free to open issues and pull requests.
Documentation
¶
Overview ¶
Package oauth2cli provides better user experience on OAuth 2.0 and OpenID Connect (OIDC) on CLI. It allows simple and easy user interaction with Authorization Code Grant Flow and a local server.
Index ¶
Constants ¶
const DefaultLocalServerSuccessHTML = `<html><body>OK<script>window.close()</script></body></html>`
DefaultLocalServerSuccessHTML is a default response body on authorization success.
Variables ¶
This section is empty.
Functions ¶
func GetToken ¶ added in v1.4.0
GetToken performs Authorization Code Grant Flow and returns a token got from the provider. See https://tools.ietf.org/html/rfc6749#section-4.1
This does the following steps:
- Start a local server at the port.
- Open a browser and navigate it to the local server.
- Wait for the user authorization.
- Receive a code via an authorization response (HTTP redirect).
- Exchange the code and a token.
- Return the code.
Types ¶
type Config ¶ added in v1.4.0
type Config struct {
OAuth2Config oauth2.Config
AuthCodeOptions []oauth2.AuthCodeOption
// Address which the local server binds to.
// Set to "0.0.0.0" to bind all interfaces.
// Default to localhost.
LocalServerAddress string
// Candidates of a port which the local server binds to.
// If multiple ports are given, it will try the ports in order.
// If nil or an empty slice is given, it will allocate a free port.
LocalServerPort []int
// A PEM-encoded certificate, and possibly the complete certificate chain.
// When set, the server will serve TLS traffic using the specified
// certificates. It's recommended that the public key's SANs contain
// the loopback addresses - 'localhost', '127.0.0.1' and '::1'
LocalServerCertFile string
// A PEM-encoded private key for the certificate.
// This is required when LocalServerCertFile is set.
LocalServerKeyFile string
// Response HTML body on authorization completed.
// Default to DefaultLocalServerSuccessHTML.
LocalServerSuccessHTML string
// Middleware for the local server. Default to none.
LocalServerMiddleware func(h http.Handler) http.Handler
// A channel to send its URL when the local server is ready. Default to none.
LocalServerReadyChan chan<- string
}
Config represents a config for GetToken.
Source Files
Directories