Documentation
¶
Overview ¶
Package indieauth provides support for authorization using IndieAuth.
Index ¶
- Constants
- type Config
- type Endpoints
- type RequestError
- type Response
- type Sessions
- func (s *Sessions) RedirectToSignIn(w http.ResponseWriter, r *http.Request, me string) error
- func (s *Sessions) SignOut(w http.ResponseWriter, r *http.Request) error
- func (s *Sessions) SignedIn(r *http.Request) (*Response, bool)
- func (s *Sessions) Verify(w http.ResponseWriter, r *http.Request) error
Examples ¶
Constants ¶
const ( // ErrCannotClaim means the authorization endpoint of the returned 'me' did // not match that which was initially discovered. ErrCannotClaim clientError = iota // ErrAuthorizationEndpointMissing means an authorization endpoint could not // be found for the entered 'me'. ErrAuthorizationEndpointMissing )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
Config defines a client for authorizing users to perform a set of defined actions.
func (*Config) AuthCodeURL ¶
AuthCodeURL returns a URL to the authorization provider.
func (*Config) Exchange ¶
Exchange converts an authorization code into a token or profile information. The code will be in the query string of the request sent to the RedirectURL, before calling this method ensure you check the state parameter matches the value used for AuthCodeURL.
If Scopes is empty, "profile", or "profile email", the response will not contain an access token.
func (*Config) FindEndpoints ¶
FindEndpoints retrieves the defined authorization and token endpoints for 'me'. As an authorization endpoint must exist to authenticate a user ErrAuthorizationEndpointMissing will be returned if one cannot be found.
type RequestError ¶
func (*RequestError) Error ¶
func (e *RequestError) Error() string
type Response ¶
type Sessions ¶
type Sessions struct {
// contains filtered or unexported fields
}
func NewSessions ¶
NewSessions creates a new session handler that uses cookies to store the current user. The secret should be 32 or 64 bytes base64 encoded.
Example ¶
sessions, _ := indieauth.NewSessions("7xZ+h4OnB0EkgSDspZila2fvn5c0ggE+xmBz9VpyfGU=", &indieauth.Config{
ClientID: "http://localhost:8080/",
RedirectURL: "http://localhost:8080/callback",
})
mux := http.NewServeMux()
mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "text/html")
if response, ok := sessions.SignedIn(r); ok {
fmt.Fprintf(w, `Signed in as: %s<br/><a href="/sign-out">Sign-out</a>`, response.Me)
} else {
fmt.Fprint(w, `<form action="/sign-in"><input name="me"><button type="submit">Sign-in</button>`)
}
})
mux.HandleFunc("/sign-in", func(w http.ResponseWriter, r *http.Request) {
if err := sessions.RedirectToSignIn(w, r, r.FormValue("me")); err != nil {
log.Println(err)
http.Error(w, "", http.StatusInternalServerError)
}
})
mux.HandleFunc("/callback", func(w http.ResponseWriter, r *http.Request) {
if err := sessions.Verify(w, r); err != nil {
log.Println(err)
http.Error(w, "", http.StatusInternalServerError)
return
}
http.Redirect(w, r, "/", http.StatusFound)
})
mux.HandleFunc("/sign-out", func(w http.ResponseWriter, r *http.Request) {
if err := sessions.SignOut(w, r); err != nil {
log.Println(err)
http.Error(w, "", http.StatusInternalServerError)
return
}
http.Redirect(w, r, "/", http.StatusFound)
})
log.Println("Listening at :8080")
http.ListenAndServe(":8080", mux)
Output:
func (*Sessions) RedirectToSignIn ¶
RedirectToSignIn will issue a redirect to the authorization endpoint discovered for "me".
Source Files