oauth2

package
v0.0.0-...-c89386b Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 17, 2020 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Overview

Package oauth2 implements an http.Handler that performs the 3-leg OAuth2 authentication flow. While it can be used with all OAuth2 providers, functions are provided specifically for GitHub integration.

Index

Constants

View Source
const (
	DefaultRoute = "/api/github/auth"
)

Variables

View Source
var (
	DefaultSessionKey = "oauth2.state"
)
View Source
var (
	ErrInvalidState = errors.New("oauth2: invalid state value")
)

Functions

func DefaultErrorCallback

func DefaultErrorCallback(w http.ResponseWriter, r *http.Request, err error)

func DefaultLoginCallback

func DefaultLoginCallback(w http.ResponseWriter, r *http.Request, login *Login)

func GetConfig

func GetConfig(c githubapp.Config, scopes []string) *oauth2.Config

func NewHandler

func NewHandler(c *oauth2.Config, params ...Param) http.Handler

NewHandler returns an http.Hander that implements the 3-leg OAuth2 flow on a single endpoint. It accepts callbacks for both error and success conditions so that clients can take action after the auth flow is complete.

Types

type ErrorCallback

type ErrorCallback func(w http.ResponseWriter, r *http.Request, err error)

type Login

type Login struct {
	Token  *oauth2.Token
	Client *http.Client
}

Login contains information about the result of a successful auth flow.

type LoginCallback

type LoginCallback func(w http.ResponseWriter, r *http.Request, login *Login)

type LoginError

type LoginError string

LoginError is an error returned as a parameter by the OAuth provider.

func (LoginError) Error

func (err LoginError) Error() string

type Param

type Param func(*handler)

func ForceTLS

func ForceTLS(forceTLS bool) Param

ForceTLS determines if generated URLs always use HTTPS. By default, the protocol of the request is used.

func OnError

func OnError(c ErrorCallback) Param

OnError sets the error callback.

func OnLogin

func OnLogin(c LoginCallback) Param

OnLogin sets the login callback.

func WithStore

func WithStore(ss StateStore) Param

WithStore sets the StateStore used to create and verify OAuth2 states. The default state store uses a static value, is insecure, and is not suitable for production use.

type SessionStateStore

type SessionStateStore struct {
	Sessions *scs.Manager
}

func (*SessionStateStore) GenerateState

func (s *SessionStateStore) GenerateState(w http.ResponseWriter, r *http.Request) (string, error)

func (*SessionStateStore) VerifyState

func (s *SessionStateStore) VerifyState(r *http.Request, expected string) (bool, error)

type StateStore

type StateStore interface {
	// GenerateState creates a new state value, storing it in a way that can be
	// retrieved by VerifyState at a later point.
	GenerateState(w http.ResponseWriter, r *http.Request) (string, error)

	// VerifyState checks that the state associated with the request matches
	// the given state. To avoid timing attacks, implementations should use
	// constant-time comparisons if possible.
	VerifyState(r *http.Request, state string) (bool, error)
}

StateStore generates and verifies the state parameter for OAuth2 flows.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL