oauth2cli

package module

v1.8.1 Latest Latest Go to latest Published: Oct 25, 2019 License: Apache-2.0 Imports: 9 Imported by: 13

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/int128/oauth2cli

Links

Open Source Insights

README ¶

oauth2cli

This is a Go package for OAuth 2.0 authorization in a command line interface (CLI) tool. You can create a CLI tool with the simple authorization flow for better UX.

Take a look at the demo movie running the example application.

Purpose

When we create a CLI tool which accesses an API with OAuth, it needs the complicated flow such as copy/paste of a URL and code, as follows:

User runs the command.
Command shows the URL for authorization.
User opens the browser, logs in to the server and approves the authorization.
Server shows an authorization code.
User copies the code and pastes into the command.
Command accesses the API with the token.

You can make it simple by using oauth2cli as follows:

User runs the command.
Command opens the browser.
User logs in to the server and approves the authorization.
Command gets a token and access the API with the token.

How it works

oauth2cli starts the local server and initiates the flow of OAuth 2.0 Authorization Code Grant.

Take a look at the sequence diagram:

diagram

Contributions

This is an open source software licensed under Apache 2.0. Feel free to open issues and pull requests.

Documentation ¶

Overview ¶

Package oauth2cli provides better user experience on OAuth 2.0 and OpenID Connect (OIDC) on CLI. It allows simple and easy user interaction with Authorization Code Grant Flow and a local server.

Index ¶

Constants
func GetToken(ctx context.Context, config Config) (*oauth2.Token, error)
type Config

Constants ¶

View Source

const DefaultLocalServerSuccessHTML = `<html><body>OK<script>window.close()</script></body></html>`

DefaultLocalServerSuccessHTML is a default response body on authorization success.

Variables ¶

This section is empty.

Functions ¶

func GetToken ¶ added in v1.4.0

func GetToken(ctx context.Context, config Config) (*oauth2.Token, error)

GetToken performs Authorization Code Grant Flow and returns a token got from the provider. See https://tools.ietf.org/html/rfc6749#section-4.1

This does the following steps:

Start a local server at the port.
Open a browser and navigate it to the local server.
Wait for the user authorization.
Receive a code via an authorization response (HTTP redirect).
Exchange the code and a token.
Return the code.

Types ¶

type Config ¶ added in v1.4.0

type Config struct {
	OAuth2Config oauth2.Config

	// Options for an authorization request.
	// You can set oauth2.AccessTypeOffline and the PKCE options here.
	AuthCodeOptions []oauth2.AuthCodeOption
	// Options for a token request.
	// You can set the PKCE options here.
	TokenRequestOptions []oauth2.AuthCodeOption

	// Candidates of hostname and port which the local server binds to.
	// You can set port number to 0 to allocate a free port.
	// If multiple addresses are given, it will try the ports in order.
	// If nil or an empty slice is given, it defaults to "127.0.0.1:0" i.e. a free port.
	LocalServerBindAddress []string
	// A PEM-encoded certificate, and possibly the complete certificate chain.
	// When set, the server will serve TLS traffic using the specified
	// certificates. It's recommended that the public key's SANs contain
	// the loopback addresses - 'localhost', '127.0.0.1' and '::1'
	LocalServerCertFile string
	// A PEM-encoded private key for the certificate.
	// This is required when LocalServerCertFile is set.
	LocalServerKeyFile string
	// Response HTML body on authorization completed.
	// Default to DefaultLocalServerSuccessHTML.
	LocalServerSuccessHTML string
	// Middleware for the local server. Default to none.
	LocalServerMiddleware func(h http.Handler) http.Handler
	// A channel to send its URL when the local server is ready. Default to none.
	LocalServerReadyChan chan<- string

	// DEPRECATED: this will be removed in the future release.
	// Use LocalServerBindAddress instead.
	// Address which the local server binds to.
	// Default to "127.0.0.1".
	LocalServerAddress string
	// DEPRECATED: this will be removed in the future release.
	// Use LocalServerBindAddress instead.
	// Candidates of a port which the local server binds to.
	// If nil or an empty slice is given, LocalServerAddress is ignored and allocate a free port.
	// If multiple ports are given, they are appended to LocalServerBindAddress.
	LocalServerPort []int
}

Config represents a config for GetToken.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
e2e_test
authserver Package authserver provides a stub server of the OAuth 2.0 authorization server.	Package authserver provides a stub server of the OAuth 2.0 authorization server.
example

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL