oauth

Documentation

Overview

The oauth package provides support for making OAuth2-authenticated HTTP requests.

Example usage:

// Specify your configuration. (typically as a global variable)
var config = &oauth.Config{
	ClientId:     YOUR_CLIENT_ID,
	ClientSecret: YOUR_CLIENT_SECRET,
	Scope:        "https://www.googleapis.com/auth/buzz",
	AuthURL:      "https://accounts.google.com/o/oauth2/auth",
	TokenURL:     "https://accounts.google.com/o/oauth2/token",
	RedirectURL:  "http://you.example.org/handler",
}

// A landing page redirects to the OAuth provider to get the auth code.
func landing(w http.ResponseWriter, r *http.Request) {
	http.Redirect(w, r, config.AuthCodeURL("foo"), http.StatusFound)
}

// The user will be redirected back to this handler, that takes the
// "code" query parameter and Exchanges it for an access token.
func handler(w http.ResponseWriter, r *http.Request) {
	t := &oauth.Transport{Config: config}
	t.Exchange(r.FormValue("code"))
	// The Transport now has a valid Token. Create an *http.Client
	// with which we can make authenticated API requests.
	c := t.Client()
	c.Post(...)
	// ...
	// btw, r.FormValue("state") == "foo"
}

Index

• type Config
  • func (c *Config) AuthCodeURL(state string) string
• type Token
  • func (t *Token) Expired() bool
• type Transport
  • func (t *Transport) Client() *http.Client
  • func (t *Transport) Exchange(code string) (tok *Token, err error)
  • func (t *Transport) Refresh() error
  • func (t *Transport) RoundTrip(req *http.Request) (*http.Response, error)

Types

type Config

type Config struct {
	ClientId     string
	ClientSecret string
	Scope        string
	AuthURL      string
	TokenURL     string
	RedirectURL  string // Defaults to out-of-band mode if empty.
}

Config is the configuration of an OAuth consumer.

func (*Config) AuthCodeURL

func (c *Config) AuthCodeURL(state string) string

AuthCodeURL returns a URL that the end-user should be redirected to, so that they may obtain an authorization code.

type Token

type Token struct {
	AccessToken  string
	RefreshToken string
	Expiry       time.Time // If zero the token has no (known) expiry time.
}

Token contains an end-user's tokens. This is the data you must store to persist authentication.

func (*Token) Expired

func (t *Token) Expired() bool

type Transport

type Transport struct {
	*Config
	*Token

	// Transport is the HTTP transport to use when making requests.
	// It will default to http.DefaultTransport if nil.
	// (It should never be an oauth.Transport.)
	Transport http.RoundTripper
}

Transport implements http.RoundTripper. When configured with a valid Config and Token it can be used to make authenticated HTTP requests.

	t := &oauth.Transport{config}
     t.Exchange(code)
     // t now contains a valid Token
	r, _, err := t.Client().Get("http://example.org/url/requiring/auth")

It will automatically refresh the Token if it can, updating the supplied Token in place.

func (*Transport) Client

func (t *Transport) Client() *http.Client

Client returns an *http.Client that makes OAuth-authenticated requests.

func (*Transport) Exchange

func (t *Transport) Exchange(code string) (tok *Token, err error)

Exchange takes a code and gets access Token from the remote server.

func (*Transport) Refresh

func (t *Transport) Refresh() error

Refresh renews the Transport's AccessToken using its RefreshToken.

func (*Transport) RoundTrip

func (t *Transport) RoundTrip(req *http.Request) (*http.Response, error)

RoundTrip executes a single HTTP transaction using the Transport's Token as authorization headers.

This method will attempt to renew the Token if it has expired and may return an error related to that Token renewal before attempting the client request. If the Token cannot be renewed a non-nil os.Error value will be returned. If the Token is invalid callers should expect HTTP-level errors, as indicated by the Response's StatusCode.