authorizer

package module
v0.0.0-...-0eeef41 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 2, 2024 License: MIT Imports: 9 Imported by: 0

README

authorizer-go

Golang SDK for authorizer.dev server. This SDK will be handy to add API middleware where you can authorize your users. It will also empower you to perform various auth operations on authorizer server.

For detailed explanation of each functions check official docs

Getting Started

Pre-requisite: You will need an authorizer instance up and running. Checkout how you can host your instance in the docs

Follow the steps here to install authorizer-go in your golang project and use the methods of SDK to protect/authorize your APIs

Once you have deployed authorizer instance. Get Client ID from your authorizer instance dashboard

client_id

Step 1: Install authorizer-go SDK

Run the following command to download authorizer-go SDK

go get github.com/authorizerdev/authorizer-go
Step 2: Initialize authorizer client

Parameters

Key Type Required Description
clientID string true Your unique client identifier obtained from authorizer dashboard
authorizerURL string true Authorizer server URL
redirectURL string false Default URL to which you would like to redirect the user in case of successful signup / login / forgot password
extraHeaders map[string]string false set of headers that you would like to pass with each request

Example

defaultHeaders := map[string]string{}

authorizerClient, err := authorizer.NewAuthorizerClient("YOUR_CLIENT_ID", "YOUR_AUHTORIZER_URL", "OPTIONAL_REDIRECT_URL", defaultHeaders)
if err != nil {
    panic(err)
}
Step 3: Access all the SDK methods using authorizer client instance, initialized on step 2

Example

response, err := authorizerClient.Login(&authorizer.LoginInput{
    Email:    "test@yopmail.com",
    Password: "Abc@123",
})
if err != nil {
    panic(err)
}

How to use authorizer as API gateway

Note: This example demonstrates how to use authorizer in middleware for a go-gin server. But logic remains the same under the hood, where you can get auth token from header and validate it via authorizer SDK

package main

import (
	"net/http"
	"strings"

	"github.com/authorizerdev/authorizer-go"
	"github.com/gin-gonic/gin"
)

func AuthorizeMiddleware() gin.HandlerFunc {
	return func(c *gin.Context) {
		/**
		  for open routes you can add condition here and just return with c.Next()
		  so that it does not validate token for those routes
		*/

		authHeader := c.Request.Header.Get("Authorization")
		tokenSplit := strings.Split(authHeader, " ")

		defaultHeaders := map[string]string{}
		authorizerClient, err := authorizer.NewAuthorizerClient("YOUR_CLIENT_ID", "YOUR_AUHTORIZER_URL", "OPTIONAL_REDIRECT_URL", defaultHeaders)
		if err != nil {
			// unauthorized
			c.AbortWithStatusJSON(401, "unauthorized")
			return
		}

		if len(tokenSplit) < 2 || tokenSplit[1] == "" {
			// unauthorized
			c.AbortWithStatusJSON(401, "unauthorized")
			return
		}

		res, err := authorizerClient.ValidateJWTToken(&authorizer.ValidateJWTTokenInput{
			TokenType: authorizer.TokenTypeIDToken,
			Token:     tokenSplit[1],
		})
		if err != nil {
			// unauthorized
			c.AbortWithStatusJSON(401, "unauthorized")
			return
		}

		if !res.IsValid {
			// unauthorized
			c.AbortWithStatusJSON(401, "unauthorized")
			return
		}

		c.Next()
	}
}

func main() {
	router := gin.New()
	router.Use(AuthorizeMiddleware())

	router.GET("/ping", func(c *gin.Context) {
		c.JSON(http.StatusOK, gin.H{
			"message": "pong",
		})
	})

	router.Run(":8090")
}

CURL command to test go-gin server created in example

Copy JWT ID token from login response of authorizer login mutation / social media login and replace JWT_TOKEN below

curl --location --request GET 'http://localhost:8090/ping' \
--header 'Authorization: Bearer JWT_TOKEN'

Documentation

Overview

Package authorizer provides client and methods using which you can perform various graphql operations to your authorizer instance

Index

Constants

View Source 
const (
	// GrantTypeAuthorizationCode is used for authorization_code grant type
	GrantTypeAuthorizationCode = "authorization_code"

	// GrantTypeRefreshToken is used for refresh_token grant type
	GrantTypeRefreshToken = "refresh_token"

	// UserFragment defines graphql fragment for all the user attributes
	UserFragment = `` /* 229-byte string literal not displayed */

)

Variables

View Source 
var AuthTokenResponseFragment = fmt.Sprintf(`message access_token expires_in refresh_token id_token should_show_email_otp_screen should_show_mobile_otp_screen user { 	%s }`, UserFragment)

AuthTokenResponseFragment defines graphql response for auth token type, which is common across various authorizer operations

Functions

func CreateRandomString 

func CreateRandomString() string

CreateRandomString returns a random string 43 characters

func EncodeB64 

func EncodeB64(message string) string

EncodeB64 returns string which is base64 encoded

func NewStringRef 

func NewStringRef(v string) *string

NewStringRef returns a reference to a string with given value

func StringValue 

func StringValue(r *string, defaultValue ...string) string

StringValue returns the value of the given string ref

Types

type AuthTokenResponse 

type AuthTokenResponse struct {
	Message                   *string `json:"message,omitempty"`
	AccessToken               *string `json:"access_token,omitempty"`
	ExpiresIn                 *int64  `json:"expires_in,omitempty"`
	IdToken                   *string `json:"id_token,omitempty"`
	RefreshToken              *string `json:"refresh_token,omitempty"`
	ShouldShowEmailOtpScreen  *bool   `json:"should_show_email_otp_screen"`
	ShouldShowMobileOtpScreen *bool   `json:"should_show_mobile_otp_screen"`
	User                      *User   `json:"user,omitempty"`
}

AuthTokenResponse defines attribute for auth token response, which is common across various authorizer operations

type AuthorizerClient 

type AuthorizerClient struct {
	ClientID      string
	AuthorizerURL string
	RedirectURL   string
	ExtraHeaders  map[string]string
}

AuthorizerClient defines the attributes required to initiate authorizer client

func NewAuthorizerClient 

func NewAuthorizerClient(clientID, authorizerURL, redirectURL string, extraHeaders map[string]string) (*AuthorizerClient, error)

NewAuthorizerClient creates an authorizer client instance. It returns reference to authorizer client instance or error.

func (*AuthorizerClient) DeactivateAccount 

func (c *AuthorizerClient) DeactivateAccount(headers map[string]string) (*Response, error)

DeactivateAccount is method attached to AuthorizerClient. It performs deactivate_account mutation on authorizer instance. It returns Response reference or error. For implementation details check DeactivateAccountExample examples/deactivate_account.go

func (*AuthorizerClient) ExecuteGraphQL 

func (c *AuthorizerClient) ExecuteGraphQL(req *GraphQLRequest, headers map[string]string) ([]byte, error)

func (*AuthorizerClient) ForgotPassword 

func (c *AuthorizerClient) ForgotPassword(req *ForgotPasswordInput) (*Response, error)

ForgotPassword is method attached to AuthorizerClient. It performs forgot_password mutation on authorizer instance. It takes ForgotPasswordInput reference as parameter and returns Response reference or error. For implementation details check ForgotPasswordInputExample in examples/forgot_password.go

func (*AuthorizerClient) GetMetaData 

func (c *AuthorizerClient) GetMetaData() (*MetaDataResponse, error)

GetMetaData is method attached to AuthorizerClient. It performs meta query on authorizer instance. It returns MetaResponse reference or error. For implementation details check GetMetadataExample examples/get_meta_data.go

func (*AuthorizerClient) GetProfile 

func (c *AuthorizerClient) GetProfile(headers map[string]string) (*User, error)

GetProfile is method attached to AuthorizerClient. It performs profile query on authorizer instance. It returns User reference or error. For implementation details check GetProfileExample examples/get_profile.go

func (*AuthorizerClient) GetSession 

func (c *AuthorizerClient) GetSession(req *SessionQueryInput, headers map[string]string) (*AuthTokenResponse, error)

GetSession is method attached to AuthorizerClient. It performs session query on authorizer instance. It returns User reference or error. For implementation details check GetSessionExample examples/get_session.go

func (*AuthorizerClient) GetToken 

func (c *AuthorizerClient) GetToken(req *TokenQueryInput) (*TokenResponse, error)

GetToken is method attached to AuthorizerClient. It performs `/oauth/token` query on authorizer instance. It returns User reference or error. For implementation details check GetTokenExample examples/get_token.go

func (*AuthorizerClient) Login 

func (c *AuthorizerClient) Login(req *LoginInput) (*AuthTokenResponse, error)

Login is method attached to AuthorizerClient. It performs login mutation on authorizer instance. It takes LoginInput reference as parameter and returns AuthTokenResponse reference or error. For implementation details check LoginExample examples/login.go

func (*AuthorizerClient) Logout 

func (c *AuthorizerClient) Logout(headers map[string]string) (*Response, error)

Logout is method attached to AuthorizerClient. It performs Logout mutation on authorizer instance. It takes LogoutInput reference as parameter and returns Response reference or error. For implementation details check LogoutExample examples/Logout.go

func (*AuthorizerClient) MagicLinkLogin 

func (c *AuthorizerClient) MagicLinkLogin(req *MagicLinkLoginInput) (*Response, error)

MagicLinkLoginInput is method attached to AuthorizerClient. It performs magic_link_login mutation on authorizer instance. It takes MagicLinkLoginInput reference as parameter and returns AuthTokenResponse reference or error. For implementation details check MagicLinkLoginExample examples/magic_link_login.go

func (*AuthorizerClient) ResendOTP 

func (c *AuthorizerClient) ResendOTP(req *ResendOTPInput) (*Response, error)

ResendOTP is method attached to AuthorizerClient. It performs resend_otp mutation on authorizer instance. It takes ResendOTPInput reference as parameter and returns Response reference or error. For implementation details check ResendOTPExample examples/resend_otp.go

func (*AuthorizerClient) ResetPassword 

func (c *AuthorizerClient) ResetPassword(req *ResetPasswordInput) (*Response, error)

ResetPassword is method attached to AuthorizerClient. It performs resend_otp mutation on authorizer instance. It takes ResetPasswordInput reference as parameter and returns Response reference or error. For implementation details check ResetPasswordExample examples/resent_password.go

func (*AuthorizerClient) RevokeToken 

func (c *AuthorizerClient) RevokeToken(req *RevokeTokenInput) (*Response, error)

RevokeToken is method attached to AuthorizerClient. It performs /oauth/revoke api call on authorizer instance. It takes RevokeTokenInput reference as parameter and returns Response reference or error. For implementation details check RevokeTokenExample examples/revoke_token.go

func (*AuthorizerClient) SignUp 

func (c *AuthorizerClient) SignUp(req *SignUpInput) (*AuthTokenResponse, error)

SignUp is method attached to AuthorizerClient. It performs signup mutation on authorizer instance. It takes SignUpInput reference as parameter and returns AuthTokenResponse reference or error. For implementation details check SignUpExample examples/signup.go

func (*AuthorizerClient) UpdateProfile 

func (c *AuthorizerClient) UpdateProfile(req *UpdateProfileInput, headers map[string]string) (*Response, error)

UpdateProfile is method attached to AuthorizerClient. It performs update_profile mutation on authorizer instance. It returns User reference or error. For implementation details check UpdateProfileExample examples/update_profile.go

func (*AuthorizerClient) ValidateJWTToken 

func (c *AuthorizerClient) ValidateJWTToken(req *ValidateJWTTokenInput) (*ValidateJWTTokenResponse, error)

ValidateJWTToken is method attached to AuthorizerClient. It performs validate_jwt_token query on authorizer instance. It returns ValidateJWTTokenResponse reference or error. For implementation details check ValidateJWTTokenExample examples/validate_jwt_token.go

func (*AuthorizerClient) ValidateSession 

func (c *AuthorizerClient) ValidateSession(req *ValidateSessionInput) (*ValidateSessionResponse, error)

ValidateSession is method attached to AuthorizerClient. It performs validate_session query on authorizer instance. It returns ValidateSessionResponse reference or error. For implementation details check ValidateSessionExample examples/validate_session.go

func (*AuthorizerClient) VerifyEmail 

func (c *AuthorizerClient) VerifyEmail(req *VerifyEmailInput) (*AuthTokenResponse, error)

VerifyEmail is method attached to AuthorizerClient. It performs verify_email mutation on authorizer instance. It returns AuthTokenResponse reference or error. For implementation details check VerifyEmailExample examples/verify_email.go

func (*AuthorizerClient) VerifyOTP 

func (c *AuthorizerClient) VerifyOTP(req *VerifyOTPInput) (*AuthTokenResponse, error)

VerifyOTP is method attached to AuthorizerClient. It performs verify_otp mutation on authorizer instance. It returns AuthTokenResponse reference or error. For implementation details check VerifyOTPExample examples/verify_otp.go

type ForgotPasswordInput 

type ForgotPasswordInput struct {
	Email       string  `json:"email"`
	State       *string `json:"state,omitempty"`
	RedirectURI *string `json:"redirect_uri,omitempty"`
}

ForgotPasswordInput defines attributes for forgot_password request

type GraphQLError 

type GraphQLError struct {
	Message string   `json:"message"`
	Path    []string `json:"path"`
}

type GraphQLRequest 

type GraphQLRequest struct {
	Query     string                 `json:"query"`
	Variables map[string]interface{} `json:"variables,omitempty"`
}

GraphQLRequest is object used to make graphql queries

type GraphQLResponse 

type GraphQLResponse struct {
	Errors []*GraphQLError `json:"errors"`
	Data   interface{}     `json:"data"`
}

type LoginInput 

type LoginInput struct {
	Email       *string   `json:"email,omitempty"`
	PhoneNumber *string   `json:"phone_number,omitempty"`
	Password    string    `json:"password"`
	Roles       []*string `json:"roles,omitempty"`
	Scope       []*string `json:"scope,omitempty"`
}

LoginInput defines attributes for login request

type MagicLinkLoginInput 

type MagicLinkLoginInput struct {
	Email       string    `json:"email"`
	Roles       []*string `json:"roles,omitempty"`
	Scope       []*string `json:"scope,omitempty"`
	State       *string   `json:"state"`
	RedirectURI *string   `json:"redirect_uri"`
}

MagicLinkLoginInput defines attributes for magic link login request

type MetaDataResponse 

type MetaDataResponse struct {
	Version                      string `json:"version"`
	ClientID                     string `json:"client_id"`
	IsGoogleLoginEnabled         bool   `json:"is_google_login_enabled"`
	IsFacebookLoginEnabled       bool   `json:"is_facebook_login_enabled"`
	IsGithubLoginEnabled         bool   `json:"is_github_login_enabled"`
	IsLinkedinLoginEnabled       bool   `json:"is_linkedin_login_enabled"`
	IsAppleLoginEnabled          bool   `json:"is_apple_login_enabled"`
	IsTwitterLoginEnabled        bool   `json:"is_twitter_login_enabled"`
	IsEmailVerificationEnabled   bool   `json:"is_email_verification_enabled"`
	IsBasicAuthenticationEnabled bool   `json:"is_basic_authentication_enabled"`
	IsMagicLinkLoginEnabled      bool   `json:"is_magic_link_login_enabled"`
	IsSignUpEnabled              bool   `json:"is_sign_up_enabled"`
	IsStrongPasswordEnabled      bool   `json:"is_strong_password_enabled"`
}

MetaDataResponse defines attributes for MetaData response query

type ResendOTPInput 

type ResendOTPInput struct {
	Email       *string `json:"email"`
	PhoneNumber *string `json:"phone_number"`
}

ResendOTPInput defines attributes for resend_otp request

type ResetPasswordInput 

type ResetPasswordInput struct {
	Token           string `json:"token"`
	Password        string `json:"password"`
	ConfirmPassword string `json:"confirm_password"`
}

ResetPasswordInput defines attributes for reset_password request

type Response 

type Response struct {
	Message string `json:"message"`
}

Response defines attribute for Response graphql type it is common across various authorizer operations

type RevokeTokenInput 

type RevokeTokenInput struct {
	RefreshToken string `json:"refresh_token"`
}

RevokeTokenInput defines attributes for /oauth/revoke request

type SessionQueryInput 

type SessionQueryInput struct {
	Roles []*string `json:"roles"`
}

SessionQueryInput defines attributes for session query request

type SignUpInput 

type SignUpInput struct {
	Email                    *string                `json:"email,omitempty"`
	Password                 string                 `json:"password"`
	ConfirmPassword          string                 `json:"confirm_password"`
	GivenName                *string                `json:"given_name,omitempty"`
	FamilyName               *string                `json:"family_name,omitempty"`
	MiddleName               *string                `json:"middle_name,omitempty"`
	NickName                 *string                `json:"nick_name,omitempty"`
	Picture                  *string                `json:"picture,omitempty"`
	Gender                   *string                `json:"gender,omitempty"`
	BirthDate                *string                `json:"birthdate,omitempty"`
	PhoneNumber              *string                `json:"phone_number,omitempty"`
	Roles                    []*string              `json:"roles,omitempty"`
	Scope                    []*string              `json:"scope,omitempty"`
	RedirectURI              *string                `json:"redirect_uri,omitempty"`
	IsMultiFactorAuthEnabled *bool                  `json:"is_multi_factor_auth_enabled,omitempty"`
	AppData                  map[string]interface{} `json:"app_data,omitempty"`
}

SignUpInput defines attributes for signup request

type TokenQueryInput 

type TokenQueryInput struct {
	Code         *string `json:"code"`
	GrantType    *string `json:"grant_type"`
	RefreshToken *string `json:"refresh_token"`
}

TokenQueryInput defines attributes for token request

type TokenResponse 

type TokenResponse struct {
	AccessToken  string  `json:"access_token"`
	ExpiresIn    int64   `json:"expires_in"`
	IdToken      string  `json:"id_token"`
	RefreshToken *string `json:"refresh_token"`
}

TokenResponse defines attributes for token request

type TokenType 

type TokenType string
const (
	// Token type access_token
	TokenTypeAccessToken TokenType = "access_token"
	// Token type id_token
	TokenTypeIDToken TokenType = "id_token"
	// Token type refresh_token
	TokenTypeRefreshToken TokenType = "refresh_token"
)

type UpdateProfileInput 

type UpdateProfileInput struct {
	Email                    *string                `json:"email,omitempty"`
	NewPassword              *string                `json:"new_password,omitempty"`
	ConfirmNewPassword       *string                `json:"confirm_new_password,omitempty"`
	OldPassword              *string                `json:"old_password,omitempty"`
	GivenName                *string                `json:"given_name,omitempty"`
	FamilyName               *string                `json:"family_name,omitempty"`
	MiddleName               *string                `json:"middle_name,omitempty"`
	NickName                 *string                `json:"nick_name,omitempty"`
	Picture                  *string                `json:"picture,omitempty"`
	Gender                   *string                `json:"gender,omitempty"`
	BirthDate                *string                `json:"birthdate,omitempty"`
	PhoneNumber              *string                `json:"phone_number,omitempty"`
	Roles                    []*string              `json:"roles,omitempty"`
	Scope                    []*string              `json:"scope,omitempty"`
	RedirectURI              *string                `json:"redirect_uri,omitempty"`
	IsMultiFactorAuthEnabled *bool                  `json:"is_multi_factor_auth_enabled,omitempty"`
	AppData                  map[string]interface{} `json:"app_data,omitempty"`
}

UpdateProfileInput defines attributes for signup request

type User 

type User struct {
	ID                       string                 `json:"id"`
	Email                    string                 `json:"email"`
	PreferredUsername        string                 `json:"preferred_username"`
	EmailVerified            bool                   `json:"email_verified"`
	SignupMethods            string                 `json:"signup_methods"`
	GivenName                *string                `json:"given_name"`
	FamilyName               *string                `json:"family_name"`
	MiddleName               *string                `json:"middle_name"`
	Nickname                 *string                `json:"nickname"`
	Picture                  *string                `json:"picture"`
	Gender                   *string                `json:"gender"`
	Birthdate                *string                `json:"birthdate"`
	PhoneNumber              *string                `json:"phone_number"`
	PhoneNumberVerified      *bool                  `json:"phone_number_verified"`
	Roles                    []*string              `json:"roles"`
	CreatedAt                int64                  `json:"created_at"`
	UpdatedAt                int64                  `json:"updated_at"`
	IsMultiFactorAuthEnabled *bool                  `json:"is_multi_factor_auth_enabled"`
	AppData                  map[string]interface{} `json:"app_data,omitempty"`
}

User defines attributes for user instance

type ValidateJWTTokenInput 

type ValidateJWTTokenInput struct {
	TokenType TokenType `json:"token_type"`
	Token     string    `json:"token"`
	Roles     []*string `json:"roles,omitempty"`
}

ValidateJWTTokenInput defines attributes for validate_jwt_token request

type ValidateJWTTokenResponse 

type ValidateJWTTokenResponse struct {
	IsValid bool                   `json:"is_valid"`
	Claims  map[string]interface{} `json:"claims"`
}

type ValidateSessionInput 

type ValidateSessionInput struct {
	Cookie string    `json:"cookie,omitempty"`
	Roles  []*string `json:"roles,omitempty"`
}

ValidateSessionInput defines attributes for validate_session request

type ValidateSessionResponse 

type ValidateSessionResponse struct {
	IsValid bool  `json:"is_valid"`
	User    *User `json:"user,omitempty"`
}

type VerifyEmailInput 

type VerifyEmailInput struct {
	Token string `json:"token"`
}

VerifyEmailInput defines attributes for verify_email request

type VerifyOTPInput 

type VerifyOTPInput struct {
	Email       *string `json:"email"`
	OTP         string  `json:"otp"`
	PhoneNumber *string `json:"phone_number"`
}

VerifyOTPInput defines attributes for verify_otp request

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.