github

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 1, 2026 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Overview

Package github provides GitHub-based authentication middleware.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func LoadAccessTokenFromFile 

func LoadAccessTokenFromFile(filePath string) (*api.AccessToken, error)

LoadAccessTokenFromFile loads a GitHub access token from a file.

func NewContextWithGitHubUserInfo 

func NewContextWithGitHubUserInfo(ctx context.Context, userInfo *UserInfo) context.Context

NewContextWithGitHubUserInfo returns a new context with the provided GitHub user info.

func ResolveAccessToken 

func ResolveAccessToken(c ClientConfig) (string, error)

ResolveAccessToken determines the GitHub access token to use based on configuration. It checks environment variables if configured, falls back to a file if AccessToken is not directly provided in the config.

func SaveAccessTokenToFile 

func SaveAccessTokenToFile(accessToken *api.AccessToken, authFilePath string) error

SaveAccessTokenToFile saves a GitHub access token to a file.

Types

type Authenticator 

type Authenticator struct {
	Config ServerConfig
	Client *github.Client
}

Authenticator handles GitHub token validation using the GitHub API.

func NewGitHubAuthenticator 

func NewGitHubAuthenticator(cfg ServerConfig) *Authenticator

NewGitHubAuthenticator creates a new GitHub Authenticator with the provided configuration.

func (*Authenticator) AuthenticateToken 

func (a *Authenticator) AuthenticateToken(accessToken string) (*UserInfo, error)

AuthenticateToken verifies the provided GitHub access token against the GitHub API. It also fetches additional user information if the token is valid.

type ClientAuth 

type ClientAuth struct {
	Config ClientConfig
	// contains filtered or unexported fields
}

ClientAuth implements authentication for a GitHub client.

func (ClientAuth) AddAuth 

func (a ClientAuth) AddAuth(req *http.Request) error

AddAuth adds the GitHub access token to the request's Authorization header.

func (ClientAuth) HTTPClient 

func (a ClientAuth) HTTPClient() *http.Client

func (ClientAuth) Token 

func (a ClientAuth) Token() (*oauth2.Token, error)

Token implements the oauth2.TokenSource interface.

type ClientConfig 

type ClientConfig struct {
	CommonConfig                     `mapstructure:",squash"`
	AccessToken                      string `mapstructure:"access-token"`
	AccessTokenFile                  string `mapstructure:"access-token-file"`
	EnableAccessTokenFromEnvironment bool   `mapstructure:"enable-access-token-from-environment"`
	EnvironmentVariableName          string `mapstructure:"environment-variable-name"`
}

ClientConfig contains configuration for a GitHub authentication client.

type CommonConfig 

type CommonConfig struct {
	AllowInsecureHTTP bool   `mapstructure:"allow-insecure-http"`
	ClientID          string `mapstructure:"client-id"`
	ClientSecret      string `mapstructure:"client-secret"`

	// ConfigFile containing ClientID and ClientSecret
	ConfigFile string `mapstructure:"config-file"`
}

CommonConfig contains shared configuration for GitHub authentication.

type Handler 

type Handler struct {
	Authenticator TokenAuthenticator
}

Handler implements GitHub token authentication.

func NewHandler 

func NewHandler(cfg ServerConfig) *Handler

NewHandler creates a new GitHub authentication handler with the provided configuration.

func NewHandlerWithAuthenticator 

func NewHandlerWithAuthenticator(authenticator TokenAuthenticator) *Handler

func (*Handler) AuthRequest 

func (h *Handler) AuthRequest(r *http.Request) (stdctx.Context, error)

AuthRequest authenticates an HTTP request using a GitHub token. It expects a "Bearer" or "Token" Authorization header.

func (*Handler) Wrap 

func (h *Handler) Wrap(handler http.Handler) http.Handler

type ServerConfig 

type ServerConfig struct {
	CommonConfig `mapstructure:",squash"`

	PrincipalACLConfig authz.PrincipalACLConfig `mapstructure:"principals"`
}

ServerConfig contains configuration for a GitHub authentication server.

func FromMap 

func FromMap(m map[string]any) ServerConfig

FromMap creates a ServerConfig from a map.

type TokenAuthenticator 

type TokenAuthenticator interface {
	AuthenticateToken(accessToken string) (*UserInfo, error)
}

type TokenRoundTripper 

type TokenRoundTripper struct {
	Source oauth2.TokenSource
	Base   http.RoundTripper
}

TokenRoundTripper is an http.RoundTripper that adds an OAuth2 token to requests.

func (*TokenRoundTripper) RoundTrip 

func (t *TokenRoundTripper) RoundTrip(req *http.Request) (*http.Response, error)

RoundTrip executes a single HTTP transaction, adding the token to the request.

type TokenSource 

type TokenSource struct {
	AccessToken string
}

TokenSource implements the oauth2.TokenSource interface for a static GitHub token.

func (*TokenSource) Token 

func (t *TokenSource) Token() (*oauth2.Token, error)

Token returns the static token.

type UserInfo 

type UserInfo struct {
	Login                string
	Name                 string
	PrimaryEmail         string
	PrimaryEmailVerified bool
	Company              string
	WebSite              string
	Location             string
	PlanName             string
}

UserInfo contains information about a GitHub user.

func FetchUserInfo 

func FetchUserInfo(accessToken string) (*UserInfo, error)

FetchUserInfo retrieves GitHub user information using the provided access token. It fetches basic profile info and the primary email address.

func GitHubUserInfoFromContext 

func GitHubUserInfoFromContext(ctx context.Context) *UserInfo

GitHubUserInfoFromContext returns the GitHub user info from the provided context. It returns nil if no user info is found.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.