Documentation ¶
Overview ¶
Package osecure provides simple login service based on OAuth client.
Package osecure provides simple login service based on OAuth client.
Index ¶
- Variables
- func AttachRequestWithSessionData(r *http.Request, sessionData *AuthSessionData) *http.Request
- type AuthSessionCookieData
- type AuthSessionData
- type CookieConfig
- type GetPermissionsFunc
- type IntrospectTokenFunc
- type OAuthConfig
- type OAuthSession
- func (s *OAuthSession) Authorize(w http.ResponseWriter, r *http.Request) (*AuthSessionData, error)
- func (s *OAuthSession) CallbackView(w http.ResponseWriter, r *http.Request)
- func (s *OAuthSession) ExpireSession(redirect string) http.HandlerFunc
- func (s *OAuthSession) SecuredF(h http.HandlerFunc) http.HandlerFunc
- func (s *OAuthSession) SecuredH(h http.Handler) http.Handler
- func (s *OAuthSession) StartOAuth(w http.ResponseWriter, r *http.Request)
- type TokenVerifier
Constants ¶
This section is empty.
Variables ¶
var ( ErrorInvalidSession = errors.New("invalid session") ErrorInvalidAuthorizationHeaderFormat = errors.New("invalid authorization header format") ErrorUnsupportedAuthorizationType = errors.New("unsupported authorization type") ErrorInvalidClientID = errors.New("invalid client ID (audience of token)") ErrorInvalidUserID = errors.New("invalid user ID (subject of token)") )
var ( SessionExpireTime = 86400 PermissionExpireTime = 600 )
Functions ¶
func AttachRequestWithSessionData ¶
func AttachRequestWithSessionData(r *http.Request, sessionData *AuthSessionData) *http.Request
AttachRequestWithSessionData append session data into request context
Types ¶
type AuthSessionCookieData ¶
type AuthSessionData ¶
type AuthSessionData struct { UserID string // ClientID string // *AuthSessionCookieData }
func GetRequestSessionData ¶
func GetRequestSessionData(r *http.Request) (*AuthSessionData, bool)
GetRequestSessionData get session data from request context
func (*AuthSessionData) GetClientID ¶
func (data *AuthSessionData) GetClientID() string
GetClientID get client ID of the current user session.
func (*AuthSessionData) GetPermissions ¶
func (data *AuthSessionData) GetPermissions() []string
GetPermissions lists the permissions of the current user and client.
func (*AuthSessionData) GetUserID ¶
func (data *AuthSessionData) GetUserID() string
GetUserID get user ID of the current user session.
func (*AuthSessionData) HasPermission ¶
func (data *AuthSessionData) HasPermission(permission string) bool
HasPermission checks if the current user has such permission.
type CookieConfig ¶
type CookieConfig struct { SigningKey string `yaml:"signing_key" env:"skey"` EncryptionKey string `yaml:"encryption_key" env:"ekey"` }
CookieConfig is a config of github.com/gorilla/securecookie. Recommended configurations are base64 of 64 bytes key for SigningKey, and base64 of 32 bytes key for EncryptionKey.
type GetPermissionsFunc ¶
type IntrospectTokenFunc ¶
type OAuthConfig ¶
type OAuthConfig struct { ClientID string `yaml:"client_id" env:"client_id"` ClientSecret string `yaml:"client_secret" env:"client_secret"` Scopes []string `yaml:"scopes" env:"scopes"` AuthURL string `yaml:"auth_url" env:"auth_url"` TokenURL string `yaml:"token_url" env:"token_url"` AppIDList []string `yaml:"app_id_list" env:"app_id_list"` }
OAuthConfig is a config of osecure.
type OAuthSession ¶
type OAuthSession struct {
// contains filtered or unexported fields
}
func NewOAuthSession ¶
func NewOAuthSession(name string, cookieConf *CookieConfig, oauthConf *OAuthConfig, tokenVerifier *TokenVerifier, callbackURL string) *OAuthSession
NewOAuthSession creates osecure session.
func (*OAuthSession) Authorize ¶
func (s *OAuthSession) Authorize(w http.ResponseWriter, r *http.Request) (*AuthSessionData, error)
Authorize authorize user by verifying cookie or bearer token. if user is authorized, return session data. else, return error.
func (*OAuthSession) CallbackView ¶
func (s *OAuthSession) CallbackView(w http.ResponseWriter, r *http.Request)
CallbackView is a http handler for the authentication redirection of the auth server.
func (*OAuthSession) ExpireSession ¶
func (s *OAuthSession) ExpireSession(redirect string) http.HandlerFunc
ExpireSession is a http function to log out the user.
func (*OAuthSession) SecuredF ¶
func (s *OAuthSession) SecuredF(h http.HandlerFunc) http.HandlerFunc
SecuredF is a http middleware for http.HandlerFunc to check if the current user has logged in.
func (*OAuthSession) SecuredH ¶
func (s *OAuthSession) SecuredH(h http.Handler) http.Handler
SecuredH is a http middleware for http.Handler to check if the current user has logged in.
func (*OAuthSession) StartOAuth ¶
func (s *OAuthSession) StartOAuth(w http.ResponseWriter, r *http.Request)
StartOAuth redirect to endpoint of OAuth service provider for OAuth flow.
type TokenVerifier ¶
type TokenVerifier struct { IntrospectTokenFunc IntrospectTokenFunc GetPermissionsFunc GetPermissionsFunc }
Directories ¶
Path | Synopsis |
---|---|
Package osecure provides simple login service based on OAuth client.
|
Package osecure provides simple login service based on OAuth client. |