Documentation
Index
- Constants
- Variables
- type AccessToken
- type CacheConfig
- type Config
- type GitHubProvider
- func (p GitHubProvider) FetchAccessToken(ctx context.Context, redirectUri string, authCode string) (AccessToken, error)
- func (p GitHubProvider) FetchAuthenticatedUser(ctx context.Context, accessToken AccessToken) (auth.User, error)
- func (p GitHubProvider) InitiateUrl(redirectUri string, state string, includeUserInfoProfileScope bool) string
- func (p GitHubProvider) Name() string
- type GoogleProvider
- func (p GoogleProvider) FetchAccessToken(ctx context.Context, redirectUri string, authCode string) (AccessToken, error)
- func (p GoogleProvider) FetchAuthenticatedUser(ctx context.Context, accessToken AccessToken) (auth.User, error)
- func (p GoogleProvider) InitiateUrl(redirectUri string, state string, includeUserInfoProfileScope bool) string
- func (p GoogleProvider) Name() string
- type Provider
Constants
const AccessTokenCtxKey ctxKey = 1
AccessTokenCtxKey is used to pass the AccessToken to the request context.Context
Variables
var GitHubAccessTokenEndpoint = "https://github.com/login/oauth/access_token"
var GitHubAuthorizeEndpoint = "https://github.com/login/oauth/authorize"
var GitHubUserInfoEndpoint = "https://api.github.com/user"
var GitHubUserInfoProfileScopes = []string{"user"}
var GoogleAccessTokenEndpoint = "https://oauth2.googleapis.com/token"
var GoogleAuthorizeEndpoint = "https://accounts.google.com/o/oauth2/v2/auth"
var GoogleUserInfoEndpoint = "https://www.googleapis.com/oauth2/v1/userinfo"
var GoogleUserInfoScopes = []string{"openid", "https://www.googleapis.com/auth/userinfo.email", "https://www.googleapis.com/auth/userinfo.profile"}
var HttpClient = &http.Client{
	Transport: &http.Transport{
		DialContext: (&net.Dialer{
			Timeout: 5 * time.Second,
		}).DialContext,
		TLSHandshakeTimeout: 5 * time.Second,
	},
	Timeout: 10 * time.Second,
}
The HttpClient is an optimized HTTP client used to exchange an authorization code for an AccessToken (OPTIONAL)
Functions
This section is empty.
Types
type AccessToken
type AccessToken struct {
	// AccessToken is the token that the application sends to authorize a Provider request (REQUIRED)
	AccessToken string
	// TokenType is the type of token returned (for example: Bearer) (REQUIRED)
	TokenType string
	// Scopes are the scopes of access granted by the AccessToken (case-sensitive strings) (REQUIRED)
	Scopes []string
	// RefreshToken is a token that you can use to obtain a new access token. Refresh tokens are valid until the user revokes access. (OPTIONAL)
	RefreshToken string
	// ExpiresInSeconds is the remaining lifetime of the access token in seconds (OPTIONAL)
	ExpiresInSeconds int
}
An AccessToken includes the fields returned by the OAUTH2 provider after the exchange of the authorization code
func GetAccessTokenFromContext
func GetAccessTokenFromContext(ctx context.Context) AccessToken
GetAccessTokenFromContext returns the OAUTH2 AccessToken from the request context.Context
func (AccessToken) IsEmpty
func (t AccessToken) IsEmpty() bool
type CacheConfig
type CacheConfig struct {
	// Cache should be an instance of a distributed cache.Cache implementation
	Cache cache.Cache
	// KeyExpirationTime specifies the expiration time for the keys from the cache
	KeyExpirationTime time.Duration
}
A CacheConfig encapsulates the cache-related values
type Config
type Config struct {
	// WebsiteUrl is the website domain including the https scheme, without a trailing slash (example: https://www.mydomain.com) (REQUIRED)
	WebsiteUrl string
	// If FetchUserDetails is true, the user details (id, name, emails) are requested
	FetchUserDetails bool
	// Providers is a list of supported OAUTH2 providers (REQUIRED)
	Providers []Provider
	// CacheConfig (OPTIONAL)
	CacheConfig
}
A Config encapsulates the required information for the OAUTH2 flow
func (Config) GetProviderByName
GetProviderByName returns a Provider with the specified name, otherwise nil
type GitHubProvider
type GitHubProvider struct {
	// The ClientId is the client ID you received from GitHub when you registered your OAUTH app (REQUIRED)
	ClientId string
	// The ClientSecret is the client secret you received from GitHub when you registered your OAUTH app (REQUIRED)
	ClientSecret string
	// Login suggests a specific account to use for signing in and authorizing the app (OPTIONAL)
	Login string
	// AllowSignup specifies whether or not unauthenticated users will be offered an option to sign up for GitHub during the OAuth flow
	AllowSignup bool
	// Scopes is a list of requested authorization scopes. Default: read:user, user:email (OPTIONAL)
	Scopes []string
}
GitHubProvider implements the OAUTH2 flow using GitHub. For more information please visit https://docs.github.com/en/developers/apps/building-oauth-apps/authorizing-oauth-apps
func (GitHubProvider) FetchAccessToken
func (p GitHubProvider) FetchAccessToken(ctx context.Context, redirectUri string, authCode string) (AccessToken, error)
func (GitHubProvider) FetchAuthenticatedUser
func (p GitHubProvider) FetchAuthenticatedUser(ctx context.Context, accessToken AccessToken) (auth.User, error)
func (GitHubProvider) InitiateUrl
func (p GitHubProvider) InitiateUrl(redirectUri string, state string, includeUserInfoProfileScope bool) string
func (GitHubProvider) Name
func (p GitHubProvider) Name() string
type GoogleProvider
type GoogleProvider struct {
	// The ClientId is the client ID you received from Google when you registered your OAUTH app (REQUIRED)
	ClientId string
	// The ClientSecret is the client secret you received from Google when you registered your OAUTH app (REQUIRED)
	ClientSecret string
	// Scopes is a list of scopes that identify the resources that your application could access on the user's behalf (REQUIRED)
	Scopes []string
	// The AccessTypeOffline indicates whether your application can refresh access tokens when the user is not present at the browser
	AccessTypeOffline bool
	// The IncludeGrantedScopes enables the application to use incremental authorization to request access to additional scopes in context (see: https://developers.google.com/identity/protocols/oauth2/web-server#incrementalAuth)
	IncludeGrantedScopes bool
	// LoginHint provides a hint to the Google Authentication Server about which user is trying to authenticate (OPTIONAL)
	LoginHint string
	// Prompts is a case-sensitive list of prompts to present to the user. Possible values are: none, consent, select_account (OPTIONAL) (see: https://developers.google.com/identity/protocols/oauth2/openid-connect#re-consent)
	Prompts []string
}
GoogleProvider implements the OAUTH2 flow using Google
func (GoogleProvider) FetchAccessToken
func (p GoogleProvider) FetchAccessToken(ctx context.Context, redirectUri string, authCode string) (AccessToken, error)
func (GoogleProvider) FetchAuthenticatedUser
func (p GoogleProvider) FetchAuthenticatedUser(ctx context.Context, accessToken AccessToken) (auth.User, error)
func (GoogleProvider) InitiateUrl
func (p GoogleProvider) InitiateUrl(redirectUri string, state string, includeUserInfoProfileScope bool) string
func (GoogleProvider) Name
func (p GoogleProvider) Name() string
type Provider
type Provider interface {
	// Name returns the name of the OAUTH2 provider (e.g. github, google, facebook, twitter, linkedin)
	Name() string
	// InitiateUrl returns the initiate URL for the OAUTH2 flow
	// The state parameter should be an unguessable random string that will be used to protect against cross-site request forgery attacks
	InitiateUrl(redirectUri string, state string, includeUserInfoProfileScope bool) string
	// FetchAccessToken exchanges the authorization code for the access token
	FetchAccessToken(ctx context.Context, redirectUri string, authCode string) (AccessToken, error)
	// FetchAuthenticatedUser retrieves the authenticated user details
	FetchAuthenticatedUser(ctx context.Context, accessToken AccessToken) (auth.User, error)
}
The Provider interface defines the methods for an OAUTH2 provider
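The InitiateUrl comment asks for an unguessable state value but the page does not show how to produce or check one. The following is an added example, not code from this package: a hypothetical in-memory stateStore (standing in for the cache in CacheConfig, with ttl in the role of KeyExpirationTime) issues a state for InitiateUrl and verifies it once on the callback. The type, its method names and the session IDs are assumptions.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/base64"
	"fmt"
	"sync"
	"time"
)

type stateEntry struct{ state string; expires time.Time }

// stateStore is a hypothetical in-memory stand-in for CacheConfig.Cache; ttl mirrors KeyExpirationTime.
type stateStore struct {
	mu      sync.Mutex
	ttl     time.Duration
	entries map[string]stateEntry // keyed by session ID (constructed IDs in main)
}

// Issue binds a fresh 256-bit random state to the session, for use as InitiateUrl's state argument.
func (s *stateStore) Issue(sessionID string, now time.Time) (string, error) {
	buf := make([]byte, 32)
	if _, err := rand.Read(buf); err != nil {
		return "", err
	}
	state := base64.RawURLEncoding.EncodeToString(buf)
	s.mu.Lock()
	defer s.mu.Unlock()
	s.entries[sessionID] = stateEntry{state: state, expires: now.Add(s.ttl)}
	return state, nil
}

// Verify checks the state echoed on the callback; the entry is deleted on every attempt (single use).
func (s *stateStore) Verify(sessionID, returned string, now time.Time) bool {
	s.mu.Lock()
	e, ok := s.entries[sessionID]
	delete(s.entries, sessionID)
	s.mu.Unlock()
	if !ok || now.After(e.expires) {
		return false
	}
	return subtle.ConstantTimeCompare([]byte(e.state), []byte(returned)) == 1
}

func main() {
	s := &stateStore{ttl: 5 * time.Minute, entries: map[string]stateEntry{}}
	st, err := s.Issue("sess-1", time.Now())
	fmt.Println(err, s.Verify("sess-1", st, time.Now()), s.Verify("sess-1", st, time.Now()))
}
```

Only call FetchAccessToken with the authorization code after Verify returns true; a failed or repeated callback should restart the flow with a newly issued state.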