Documentation
¶
Overview ¶
Package authn implements handlers for traefik-simple-auth to authenticate a user. It implements the authn handshake, as well as a means to get the email address of the authenticated users.
Currently, Google and GitHub are supported as authn providers.
Additionally, it implements a means of protecting the OAuth2 flow against CSRF attacks by associating each login request with a randomly generated state.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type BaseHandler ¶
BaseHandler implements the generic part of a Handler.
type GitHubHandler ¶
type GitHubHandler struct {
BaseHandler
}
GitHubHandler performs the OAuth handshake using GitHub as authenticator and gets the email address for the authenticated user.
func NewGitHubHandler ¶
func NewGitHubHandler(_ context.Context, clientID, clientSecret, authURL string, logger *slog.Logger) *GitHubHandler
NewGitHubHandler returns a new Handler for GitHub.
func (GitHubHandler) GetUserEmailAddress ¶
GetUserEmailAddress returns the email address of the authenticated user.
For GitHub, we first check the user's profile. If the user's email address if marked as public, that email address is returned. Otherwise, we check the different email addresses for that user. If one is marked as primary, that email address is returned. Otherwise, we return the first email address in the list.
type Handler ¶
type Handler interface {
// AuthCodeURL generates the URL to use in the authn handshake.
AuthCodeURL(state string, opts ...oauth2.AuthCodeOption) string
// GetUserEmailAddress returns the email address of the authenticated user.
GetUserEmailAddress(ctx context.Context, code string) (string, error)
}
A Handler performs the OAuth handshake and get the email address for the authenticated user.
Source Files