auth

Version: v2.0.0-...-e0ea38d

This package is not in the latest version of its module.
Published: Apr 10, 2024 License: MIT Imports: 10 Imported by: 0

Documentation

Overview

Package auth provides "social login" with Github, Google, Facebook, Microsoft, Yandex and Battle.net as well as custom auth providers.

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Client

type Client struct {
	Cid     string
	Csecret string
}

Client is a type of auth client

type Opts

type Opts struct {
	SecretReader   token.Secret        // reader returns secret for given site id (aud), required
	ClaimsUpd      token.ClaimsUpdater // updater for jwt to add/modify values stored in the token
	SecureCookies  bool                // makes jwt cookie secure
	TokenDuration  time.Duration       // token's TTL, refreshed automatically
	CookieDuration time.Duration       // cookie's TTL. This cookie stores JWT token

	DisableXSRF bool // disable XSRF protection, useful for testing/debugging
	DisableIAT  bool // disable IssuedAt claim

	// optional (custom) names for cookies and headers
	JWTCookieName   string        // default "JWT"
	JWTCookieDomain string        // default empty
	JWTHeaderKey    string        // default "X-JWT"
	XSRFCookieName  string        // default "XSRF-TOKEN"
	XSRFHeaderKey   string        // default "X-XSRF-TOKEN"
	JWTQuery        string        // default "token"
	SendJWTHeader   bool          // if enabled send JWT as a header instead of cookie
	SameSiteCookie  http.SameSite // limit cross-origin requests with SameSite cookie attribute

	Issuer string // optional value for iss claim, usually the application name, default "go-pkgz/auth"

	URL       string          // root url for the rest service, i.e. http://blah.example.com, required
	Validator token.Validator // validator allows to reject some valid tokens with user-defined logic

	AvatarStore       avatar.Store // store to save/load avatars, required (use avatar.NoOp to disable avatars support)
	AvatarResizeLimit int          // resize avatar's limit in pixels
	AvatarRoutePath   string       // avatar routing prefix, i.e. "/api/v1/avatar", default `/avatar`
	UseGravatar       bool         // for email based auth (verified provider) use gravatar service

	AdminPasswd      string                   // if present, allows basic auth with user admin and given password
	BasicAuthChecker middleware.BasicAuthFunc // user custom checker for basic auth, if one is defined then "AdminPasswd" will be ignored
	AudienceReader   token.Audience           // list of allowed aud values, default (empty) allows any
	AudSecrets       bool                     // allow multiple secrets (secret per aud)
	Logger           logger.L                 // logger interface, default is no logging at all
	RefreshCache     middleware.RefreshCache  // optional cache to keep refreshed tokens
}

Opts is a full set of all parameters to initialize Service
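
Several Opts fields decide how well the JWT cookie and token are protected, and their zero values or debug settings are easy to ship by accident. The following pre-flight check is an added example, not code from this package; `AuthSettings`, `AuditSettings` and `HasAudReader` are hypothetical names that mirror a subset of the fields above so the check runs without importing the module.

```go
package main

import (
	"fmt"
	"net/http"
	"net/url"
)

// AuthSettings is a hypothetical mirror of the security-relevant Opts fields,
// so the check runs without importing the auth module itself.
type AuthSettings struct {
	URL            string        // Opts.URL
	SecureCookies  bool          // Opts.SecureCookies
	DisableXSRF    bool          // Opts.DisableXSRF
	SameSiteCookie http.SameSite // Opts.SameSiteCookie
	HasAudReader   bool          // true when Opts.AudienceReader is set
}

// AuditSettings returns one finding per setting that is weaker than a
// production deployment should ship with; an empty result means no findings.
func AuditSettings(s AuthSettings) []string {
	var out []string
	if u, err := url.Parse(s.URL); err != nil || u.Host == "" {
		out = append(out, "URL: required absolute root url is missing or invalid")
	} else if u.Scheme != "https" {
		out = append(out, "URL: scheme is not https")
	}
	if !s.SecureCookies {
		out = append(out, "SecureCookies: false, JWT cookie is not marked secure")
	}
	if s.DisableXSRF {
		out = append(out, "DisableXSRF: true, meant for testing/debugging only")
	}
	if s.SameSiteCookie == http.SameSiteNoneMode {
		out = append(out, "SameSiteCookie: None, cookie is sent on cross-site requests")
	}
	if !s.HasAudReader {
		out = append(out, "AudienceReader: empty, any aud value is accepted")
	}
	return out
}

func main() {
	// Constructed sample values: a debug-style configuration.
	dev := AuthSettings{URL: "http://blah.example.com", DisableXSRF: true}
	fmt.Println(AuditSettings(dev))
}
```

Run such a check at startup, before the values are copied into Opts and passed to NewService, and fail the deployment on any finding.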

type Service

type Service struct {
	// contains filtered or unexported fields
}

Service provides higher level wrapper allowing to construct everything and get back token middleware

func NewService

func NewService(opts Opts) (res *Service)

NewService initializes everything

func (*Service) AddAppleProvider

func (s *Service) AddAppleProvider(appleConfig provider.AppleConfig, privKeyLoader provider.PrivateKeyLoaderInterface) error

AddAppleProvider allows Sign In with Apple ID

func (*Service) AddCustomHandler

func (s *Service) AddCustomHandler(handler provider.Provider)

AddCustomHandler adds user-defined self-implemented handler of auth provider

func (*Service) AddCustomProvider

func (s *Service) AddCustomProvider(name string, client Client, copts provider.CustomHandlerOpt)

AddCustomProvider adds custom provider (e.g. https://gopkg.in/oauth2.v3)

func (*Service) AddDevProvider

func (s *Service) AddDevProvider(host string, port int)

AddDevProvider with a custom host and port

func (*Service) AddDirectProvider

func (s *Service) AddDirectProvider(name string, credChecker provider.CredChecker)

AddDirectProvider adds provider with direct check against data store. It doesn't do any handshake and uses the provided credChecker to verify user and password from the request.

func (*Service) AddDirectProviderWithUserIDFunc

func (s *Service) AddDirectProviderWithUserIDFunc(name string, credChecker provider.CredChecker, ufn provider.UserIDFunc)

AddDirectProviderWithUserIDFunc adds provider with direct check against data store and sets a custom UserIDFunc that allows modifying the user's ID on the client side. It doesn't do any handshake and uses the provided credChecker to verify user and password from the request.

func (*Service) AddProvider

func (s *Service) AddProvider(name, cid, csecret string)

AddProvider adds provider for given name

func (*Service) AddProviderWithUserAttributes

func (s *Service) AddProviderWithUserAttributes(name, cid, csecret string, userAttributes provider.UserAttributes)

AddProviderWithUserAttributes adds provider with user attributes mapping

func (*Service) AddVerifProvider

func (s *Service) AddVerifProvider(name, msgTmpl string, sender provider.Sender)

AddVerifProvider adds a provider for user verification, with the verification message sent by sender

func (*Service) AvatarProxy

func (s *Service) AvatarProxy() *avatar.Proxy

AvatarProxy returns the avatar proxy stored in service

func (*Service) DevAuth

func (s *Service) DevAuth() (*provider.DevAuthServer, error)

DevAuth makes dev oauth2 server, for testing and development only!

func (*Service) Handlers

func (s *Service) Handlers() (authHandler, avatarHandler http.Handler)

Handlers gets http.Handler for all providers and avatars

func (*Service) Middleware

func (s *Service) Middleware() middleware.Authenticator

Middleware returns auth middleware

func (*Service) Provider

func (s *Service) Provider(name string) (provider.Service, error)

Provider gets provider by name

func (*Service) Providers

func (s *Service) Providers() []provider.Service

Providers gets all registered providers

func (*Service) TokenService

func (s *Service) TokenService() *token.Service

TokenService returns token.Service

Directories

Path Synopsis
Package avatar implements avatar proxy for oauth and defines store interface and implements local (fs), gridfs (mongo) and boltdb stores.
Package logger defines interface for logging.
Package middleware provides login middlewares: - Auth: adds auth from session and populates user info - Trace: populates user info if token presented - AdminOnly: restrict access to admin users only
Package provider implements all oauth2, oauth1 as well as custom and direct providers
sender
Package sender provides email sender
Package token wraps jwt-go library and provides higher level abstraction to work with JWT.
