oauth

package

v0.2.0 Latest Latest Go to latest Published: Nov 19, 2021 License: Apache-2.0 Imports: 22 Imported by: 63

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/gomodule/oauth1

Links

Open Source Insights

Documentation ¶

Overview ¶

Package oauth is consumer interface for OAuth 1.0, OAuth 1.0a and RFC 5849.

Redirection-based Authorization ¶

This section outlines how to use the oauth package in redirection-based authorization (http://tools.ietf.org/html/rfc5849#section-2).

Step 1: Create a Client using credentials and URIs provided by the server. The Client can be initialized once at application startup and stored in a package-level variable.

Step 2: Request temporary credentials using the Client RequestTemporaryCredentials method. The callbackURL parameter is the URL of the callback handler in step 4. Save the returned credential secret so that it can be later found using credential token as a key. The secret can be stored in a database keyed by the token. Another option is to store the token and secret in session storage or a cookie.

Step 3: Redirect the user to URL returned from AuthorizationURL method. The AuthorizationURL method uses the temporary credentials from step 2 and other parameters as specified by the server.

Step 4: The server redirects back to the callback URL specified in step 2 with the temporary token and a verifier. Use the temporary token to find the temporary secret saved in step 2. Using the temporary token, temporary secret and verifier, request token credentials using the client RequestToken method. Save the returned credentials for later use in the application.

Signing Requests ¶

The Client type has two low-level methods for signing requests, SignForm and SetAuthorizationHeader.

The SignForm method adds an OAuth signature to a form. The application makes an authenticated request by encoding the modified form to the query string or request body.

The SetAuthorizationHeader method adds an OAuth signature to a request header. The SetAuthorizationHeader method is the only way to correctly sign a request if the application sets the URL Opaque field when making a request.

The Get, Put, Post and Delete methods sign and invoke a request using the supplied net/http Client. These methods are easy to use, but not as flexible as constructing a request using one of the low-level methods.

Context With HTTP Client ¶

A context-enabled method can include a custom HTTP client in the context and execute an HTTP request using the included HTTP client.

hc := &http.Client{Timeout: 2 * time.Second}
ctx := context.WithValue(context.Background(), oauth.HTTPClient, hc)
c := oauth.Client{ /* Any settings */ }
resp, err := c.GetContext(ctx, &oauth.Credentials{}, rawurl, nil)

Index ¶

Variables
type Client
type Credentials
type RequestCredentialsError
- func (e RequestCredentialsError) Error() string
type SignatureMethod
- func (sm SignatureMethod) String() string

Constants ¶

This section is empty.

Variables ¶

View Source

var HTTPClient contextKey

HTTPClient is the context key to use with context's WithValue function to associate an *http.Client value with a context.

Functions ¶

This section is empty.

Types ¶

type Client ¶

type Client struct {
	// Credentials specifies the client key and secret.
	// Also known as the consumer key and secret
	Credentials Credentials

	// TemporaryCredentialRequestURI is the endpoint used by the client to
	// obtain a set of temporary credentials. Also known as the request token
	// URL.
	TemporaryCredentialRequestURI string

	// ResourceOwnerAuthorizationURI is the endpoint to which the resource
	// owner is redirected to grant authorization. Also known as authorization
	// URL.
	ResourceOwnerAuthorizationURI string

	// TokenRequestURI is the endpoint used by the client to request a set of
	// token credentials using a set of temporary credentials. Also known as
	// access token URL.
	TokenRequestURI string

	// RenewCredentialRequestURI is the endpoint the client uses to
	// request a new set of token credentials using the old set of credentials.
	RenewCredentialRequestURI string

	// TemporaryCredentialsMethod is the HTTP method used by the client to
	// obtain a set of temporary credentials. If this field is the empty
	// string, then POST is used.
	TemporaryCredentialsMethod string

	// TokenCredentailsMethod is the HTTP method used by the client to request
	// a set of token credentials. If this field is the empty string, then POST
	// is used.
	TokenCredentailsMethod string

	// Header specifies optional extra headers for requests.
	Header http.Header

	// SignatureMethod specifies the method for signing a request.
	SignatureMethod SignatureMethod

	// PrivateKey is the private key to use for RSA-SHA* signatures. This field
	// must be set for RSA-SHA* signatures and ignored for other signature
	// methods.
	PrivateKey *rsa.PrivateKey
}

Client represents an OAuth client.

func (*Client) AuthorizationHeader ¶

func (c *Client) AuthorizationHeader(credentials *Credentials, method string, u *url.URL, params url.Values) string

AuthorizationHeader returns the HTTP authorization header value for given method, URL and parameters.

AuthorizationHeader is deprecated. Use SetAuthorizationHeader instead.

func (*Client) AuthorizationURL ¶

func (c *Client) AuthorizationURL(temporaryCredentials *Credentials, additionalParams url.Values) string

AuthorizationURL returns the URL for resource owner authorization. See http://tools.ietf.org/html/rfc5849#section-2.2 for information about resource owner authorization.

func (*Client) Delete ¶

func (c *Client) Delete(client *http.Client, credentials *Credentials, urlStr string, form url.Values) (*http.Response, error)

Delete issues a DELETE with the specified form.

func (*Client) DeleteContext ¶

func (c *Client) DeleteContext(ctx context.Context, credentials *Credentials, urlStr string, form url.Values) (*http.Response, error)

DeleteContext uses Context to perform Delete.

func (*Client) Get ¶

func (c *Client) Get(client *http.Client, credentials *Credentials, urlStr string, form url.Values) (*http.Response, error)

Get issues a GET to the specified URL with form added as a query string.

func (*Client) GetContext ¶

func (c *Client) GetContext(ctx context.Context, credentials *Credentials, urlStr string, form url.Values) (*http.Response, error)

GetContext uses Context to perform Get.

func (*Client) Post ¶

func (c *Client) Post(client *http.Client, credentials *Credentials, urlStr string, form url.Values) (*http.Response, error)

Post issues a POST with the specified form.

func (*Client) PostContext ¶

func (c *Client) PostContext(ctx context.Context, credentials *Credentials, urlStr string, form url.Values) (*http.Response, error)

PostContext uses Context to perform Post.

func (*Client) Put ¶

func (c *Client) Put(client *http.Client, credentials *Credentials, urlStr string, form url.Values) (*http.Response, error)

Put issues a PUT with the specified form.

func (*Client) PutContext ¶

func (c *Client) PutContext(ctx context.Context, credentials *Credentials, urlStr string, form url.Values) (*http.Response, error)

PutContext uses Context to perform Put.

func (*Client) RenewRequestCredentials ¶

func (c *Client) RenewRequestCredentials(client *http.Client, credentials *Credentials, sessionHandle string) (*Credentials, url.Values, error)

RenewRequestCredentials requests new token credentials from the server. See http://wiki.oauth.net/w/page/12238549/ScalableOAuth#AccessTokenRenewal for information about access token renewal.

func (*Client) RenewRequestCredentialsContext ¶

func (c *Client) RenewRequestCredentialsContext(ctx context.Context, credentials *Credentials, sessionHandle string) (*Credentials, url.Values, error)

RenewRequestCredentialsContext uses Context to perform RenewRequestCredentials.

func (*Client) RequestTemporaryCredentials ¶

func (c *Client) RequestTemporaryCredentials(client *http.Client, callbackURL string, additionalParams url.Values) (*Credentials, error)

RequestTemporaryCredentials requests temporary credentials from the server. See http://tools.ietf.org/html/rfc5849#section-2.1 for information about temporary credentials.

func (*Client) RequestTemporaryCredentialsContext ¶

func (c *Client) RequestTemporaryCredentialsContext(ctx context.Context, callbackURL string, additionalParams url.Values) (*Credentials, error)

RequestTemporaryCredentialsContext uses Context to perform RequestTemporaryCredentials.

func (*Client) RequestToken ¶

func (c *Client) RequestToken(client *http.Client, temporaryCredentials *Credentials, verifier string) (*Credentials, url.Values, error)

RequestToken requests token credentials from the server. See http://tools.ietf.org/html/rfc5849#section-2.3 for information about token credentials.

func (*Client) RequestTokenContext ¶

func (c *Client) RequestTokenContext(ctx context.Context, temporaryCredentials *Credentials, verifier string) (*Credentials, url.Values, error)

RequestTokenContext uses Context to perform RequestToken.

func (*Client) RequestTokenXAuth ¶

func (c *Client) RequestTokenXAuth(client *http.Client, temporaryCredentials *Credentials, user, password string) (*Credentials, url.Values, error)

RequestTokenXAuth requests token credentials from the server using the xAuth protocol. See https://dev.twitter.com/oauth/xauth for information on xAuth.

func (*Client) RequestTokenXAuthContext ¶

func (c *Client) RequestTokenXAuthContext(ctx context.Context, temporaryCredentials *Credentials, user, password string) (*Credentials, url.Values, error)

RequestTokenXAuthContext uses Context to perform RequestTokenXAuth.

func (*Client) SetAuthorizationHeader ¶

func (c *Client) SetAuthorizationHeader(header http.Header, credentials *Credentials, method string, u *url.URL, form url.Values) error

SetAuthorizationHeader adds an OAuth signature to a request header.

See http://tools.ietf.org/html/rfc5849#section-3.5.1 for information about transmitting OAuth parameters in an HTTP request header.

func (*Client) SignForm ¶

func (c *Client) SignForm(credentials *Credentials, method, urlStr string, form url.Values) error

SignForm adds an OAuth signature to form. The urlStr argument must not include a query string.

See http://tools.ietf.org/html/rfc5849#section-3.5.2 for information about transmitting OAuth parameters in a request body and http://tools.ietf.org/html/rfc5849#section-3.5.2 for information about transmitting OAuth parameters in a query string.

func (*Client) SignParam ¶

func (c *Client) SignParam(credentials *Credentials, method, urlStr string, params url.Values)

SignParam is deprecated. Use SignForm instead.

type Credentials ¶

type Credentials struct {
	Token  string // Also known as consumer key or access token.
	Secret string // Also known as consumer secret or access token secret.
}

Credentials represents client, temporary and token credentials.

type RequestCredentialsError ¶

type RequestCredentialsError struct {
	StatusCode int
	Header     http.Header
	Body       []byte
	// contains filtered or unexported fields
}

RequestCredentialsError is an error containing response information when requesting credentials.

func (RequestCredentialsError) Error ¶

func (e RequestCredentialsError) Error() string

type SignatureMethod ¶

type SignatureMethod int

SignatureMethod identifies a signature method.

const (
	HMACSHA1   SignatureMethod = iota // HMAC-SHA1
	RSASHA1                           // RSA-SHA1
	PLAINTEXT                         // Plain text
	HMACSHA256                        // HMAC-256
	RSASHA256                         // RSA-SHA256
)

func (SignatureMethod) String ¶

func (sm SignatureMethod) String() string

Source Files ¶

View all Source files

oauth.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL