oauth2

package module
v0.0.0-...-5527e0c Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 17, 2016 License: Apache-2.0 Imports: 10 Imported by: 0

README

negroni-oauth2 GoDoc wercker status

Allows your Negroni application to support user login via an OAuth 2.0 backend. Requires negroni-sessions middleware.

Google, Facebook, LinkedIn and Github sign-in are currently supported.

Once endpoints are provided, this middleware can work with any OAuth 2.0 backend.

Usage

package main

import (
	"fmt"
	"net/http"

	oauth2 "github.com/goincremental/negroni-oauth2"
	sessions "github.com/goincremental/negroni-sessions"
	"github.com/goincremental/negroni-sessions/cookiestore"
	"github.com/urfave/negroni"
)

func main() {

	secureMux := http.NewServeMux()

	// Routes that require a logged in user
	// can be protected by using a separate route handler
	// If the user is not authenticated, they will be
	// redirected to the login path.
	secureMux.HandleFunc("/restrict", func(w http.ResponseWriter, req *http.Request) {
		token := oauth2.GetToken(req)
		fmt.Fprintf(w, "OK: %s", token.Access())
	})

	secure := negroni.New()
	secure.Use(oauth2.LoginRequired())
	secure.UseHandler(secureMux)

	n := negroni.New()
	n.Use(sessions.Sessions("my_session", cookiestore.New([]byte("secret123"))))
	n.Use(oauth2.Google(&oauth2.Config{
		ClientID:     "client_id",
		ClientSecret: "client_secret",
		RedirectURL:  "refresh_url",
		Scopes:       []string{"https://www.googleapis.com/auth/drive"},
	}))

	router := http.NewServeMux()

	//routes added to mux do not require authentication
	router.HandleFunc("/", func(w http.ResponseWriter, req *http.Request) {
		token := oauth2.GetToken(req)
		if token == nil || !token.Valid() {
			fmt.Fprintf(w, "not logged in, or the access token is expired")
			return
		}
		fmt.Fprintf(w, "logged in")
		return
	})

	//There is probably a nicer way to handle this than repeat the restricted routes again
	//of course, you could use something like gorilla/mux and define prefix / regex etc.
	router.Handle("/restrict", secure)

	n.UseHandler(router)

	n.Run(":3000")
}

Auth flow

  • /login will redirect user to the OAuth 2.0 provider's permissions dialog. If there is a next query param provided, user is redirected to the next page afterwards.
  • If user agrees to connect, OAuth 2.0 provider will redirect to /oauth2callback to let your app to make the handshake. You need to register /oauth2callback as a Redirect URL in your application settings.
  • /logout will log the user out. If there is a next query param provided, user is redirected to the next page afterwards.

You can customize the login, logout, oauth2callback and error paths:

oauth2.PathLogin = "/oauth2login"
oauth2.PathLogout = "/oauth2logout"
...

Contributors

Derived from martini-contrib/oauth2

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// PathLogin sets the path to handle OAuth 2.0 logins.
	PathLogin = "/login"
	// PathLogout sets to handle OAuth 2.0 logouts.
	PathLogout = "/logout"
	// PathCallback sets the path to handle callback from OAuth 2.0 backend
	// to exchange credentials.
	PathCallback = "/oauth2callback"
	// PathError sets the path to handle error cases.
	PathError = "/oauth2error"
)

Functions

func Facebook

func Facebook(config *Config) negroni.Handler

func Github

func Github(config *Config) negroni.Handler

Returns a new Github OAuth 2.0 backend endpoint.

func Google

func Google(config *Config) negroni.Handler

Returns a new Google OAuth 2.0 backend endpoint.

func LinkedIn

func LinkedIn(config *Config) negroni.Handler

func LoginRequired

func LoginRequired() negroni.HandlerFunc

Handler that redirects user to the login page if user is not logged in.

func NewOAuth2Provider

func NewOAuth2Provider(config *Config, authUrl, tokenUrl string) negroni.HandlerFunc

Returns a generic OAuth 2.0 backend endpoint.

func SetToken

func SetToken(r *http.Request, t interface{})

Types

type Config

type Config oauth2.Config

type Token

type Token oauth2.Token

type Tokens

type Tokens interface {
	Access() string
	Refresh() string
	Valid() bool
	ExpiryTime() time.Time
	ExtraData(string) interface{}
	Get() Token
}

Tokens Represents a container that contains user's OAuth 2.0 access and refresh tokens.

func GetToken

func GetToken(r *http.Request) Tokens

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL