README
¶
OAuth 2.0 More for Go
More OAuth 2.0 - https://github.com/golang/oauth2 and JWT functionality. Major features include:
- Create
*http.Clientfor multiple API services. UseNewClient()functions to create*http.Clientstructs for services not supported inoauth2likeaha,metabase,ringcentral,salesforce,visa, etc. Generating*http.Clientstructs is especially useful for using with Swagger Codegen auto-generated SDKs to support different auth models. - Generically store and retrieve multiple app credentials in a single JSON object via
credentials. Supports both OAuth 2 and JWT. - Create OAuth 2.0 authorization code token from the command line (for test purposes). No website is needed.
- Retrieve canonical user information via helper libraries to retrieve canonical user information from services. The SCIM user schema is used for a canonical user model. This may be replaced/augmented by OIDC
userinfoin the future. - Transparently handle OAuth 2 for multiple services, e.g. a website that supports Google and Facebook auth. This is demoed in grokify/beego-oauth2-demo
Installation
$ go get github.com/grokify/oauth2more
Usage
Canonical User Information
ClientUtil structs satisfy the interface having SetClient() and GetSCIMUser() functions.
import(
"github.com/grokify/oauth2more/google"
)
// googleOAuth2HTTPClient is *http.Client from Golang OAuth2
googleClientUtil := google.NewClientUtil(googleOAuth2HTTPClient)
scimuser, err := googleClientUtil.GetSCIMUser()
import(
"github.com/grokify/oauth2more/facebook"
)
// fbOAuth2HTTPClient is *http.Client from Golang OAuth2
fbClientUtil := facebook.NewClientUtil(fbOAuth2HTTPClient)
scimuser, err := fbClientUtil.GetSCIMUser()
RingCentral
import(
"github.com/grokify/oauth2more/ringcentral"
)
// rcOAuth2HTTPClient is *http.Client from Golang OAuth2
rcClientUtil := ringcentral.NewClientUtil(rcOAuth2HTTPClient)
scimuser, err := rcClientUtil.GetSCIMUser()
Test Redirect URL
This repo comes with a generic test OAuth 2 redirect page which can be used with headless (no-UI) apps. To use this test URL, configure the following URL to be your OAuth 2 redirect URI. This will write the Authorization Code in the HTMl which you can then copy and paste into your own app.
The URL is located here:
Example App
See the following repo for a Beego-based demo app:
Documentation
¶
Index ¶
- Constants
- Variables
- func BasicAuthHeader(userid, password string) (string, error)
- func BasicAuthToken(username, password string) (*oauth2.Token, error)
- func ClientTLSInsecureSkipVerify(client *http.Client) *http.Client
- func NewClientAuthCode(conf oauth2.Config, authCode string) (*http.Client, error)
- func NewClientAuthzTokenSimple(tokenType, accessToken string) *http.Client
- func NewClientBasicAuth(username, password string, tlsInsecureSkipVerify bool) (*http.Client, error)
- func NewClientBearerTokenSimpleOrJson(ctx context.Context, tokenOrJson []byte) (*http.Client, error)
- func NewClientHeaders(header http.Header, tlsInsecureSkipVerify bool) *http.Client
- func NewClientPassword(conf oauth2.Config, ctx context.Context, username, password string) (*http.Client, error)
- func NewClientPasswordConf(conf oauth2.Config, username, password string) (*http.Client, error)
- func NewClientTLSToken(ctx context.Context, tlsConfig *tls.Config, token *oauth2.Token) *http.Client
- func NewClientToken(tokenType, tokenValue string, tlsInsecureSkipVerify bool) *http.Client
- func NewClientTokenBase64Encode(tokenType, tokenValue string, tlsInsecureSkipVerify bool) *http.Client
- func NewClientTokenJSON(ctx context.Context, tokenJSON []byte) (*http.Client, error)
- func NewClientTokenOAuth2(token *oauth2.Token) *http.Client
- func NewClientWebTokenStore(ctx context.Context, conf *oauth2.Config, tStore *TokenStoreFile, ...) (*http.Client, error)
- func NewTokenCliFromWeb(cfg *oauth2.Config, state string) (*oauth2.Token, error)
- func ParseJwtTokenString(tokenString string, secretKey string, claims jwt.Claims) (*jwt.Token, error)
- func ParseToken(rawToken []byte) (*oauth2.Token, error)
- func PathVersion() string
- func RFC7617UserPass(userid, password string) (string, error)
- func ReadTokenFile(fpath string) (*oauth2.Token, error)
- func TokenClientCredentials(cfg clientcredentials.Config) (*oauth2.Token, error)
- func UserCredentialsDir() (string, error)
- func UserCredentialsDirMk(perm os.FileMode) (string, error)
- func WriteTokenFile(fpath string, tok *oauth2.Token) error
- type AppCredentials
- type AppCredentialsWrapper
- type AuthorizationType
- type OAuth2Util
- type Scope
- type ServiceType
- type TokenStoreFile
- type UserCredentials
Constants ¶
View Source
const ( GrantTypeAuthCode = "authorization_code" GrantTypePassword = "password" GrantTypeClientCredentials = "client_credentials" GrantTypeRefreshToken = "refresh_token" )
View Source
const ( VERSION = "0.2.0" PATH = "github.com/grokify/oauth2more" TokenBasic = "Basic" TokenBearer = "Bearer" GrantTypeAuthorizationCode = "code" )
Variables ¶
View Source
var (
RelCredentialsDir = ".credentials"
)
Functions ¶
func BasicAuthHeader ¶
func BasicAuthToken ¶
BasicAuthToken provides Basic Authentication support via an oauth2.Token.
func NewClientAuthCode ¶
func NewClientAuthzTokenSimple ¶
NewClientAuthzTokenSimple returns a *http.Client given a token type and token string.
func NewClientBasicAuth ¶
func NewClientBasicAuth(username, password string, tlsInsecureSkipVerify bool) (*http.Client, error)
NewClientBasicAuth returns a *http.Client given a basic auth username and password.
func NewClientHeaders ¶
func NewClientPassword ¶
func NewClientPasswordConf ¶
func NewClientTLSToken ¶
func NewClientToken ¶
func NewClientTokenJSON ¶
func NewClientWebTokenStore ¶
func NewTokenCliFromWeb ¶ added in v0.4.1
NewTokenCliFromWeb enables a CLI app with no UI to generate a OAuth2 AuthURL which is copy and pasted into a web browser to return an an OAuth 2 authorization code and state, where the authorization code is entered on the command line.
func ParseJwtTokenString ¶
func ParseToken ¶
ParseToken parses a OAuth 2 token and returns an `*oauth2.Token` with custom properties.
func PathVersion ¶
func PathVersion() string
func RFC7617UserPass ¶
RFC7617UserPass base64 encodes a user-id and password per: https://tools.ietf.org/html/rfc7617#section-2
func ReadTokenFile ¶
ReadTokenFile retrieves a Token from a given filepath.
func TokenClientCredentials ¶ added in v0.8.4
func TokenClientCredentials(cfg clientcredentials.Config) (*oauth2.Token, error)
TokenClientCredentials is an alternative to `clientcredentials.Config.Token()` which does not work for some APIs. More investigation is needed but it appears the issue is encoding the HTTP request body. The approach here uses `&` in the URL encoded values.
func UserCredentialsDir ¶
Types ¶
type AppCredentials ¶
type AppCredentials struct {
Service string `json:"service,omitempty"`
ClientID string `json:"client_id"`
ClientSecret string `json:"client_secret"`
RedirectURIs []string `json:"redirect_uris"`
AuthURI string `json:"auth_uri"`
TokenURI string `json:"token_uri"`
Scopes []string `json:"scopes"`
}
// ApplicationCredentials represents information for an app.
type ApplicationCredentials struct {
ServerURL string
ClientID string
ClientSecret string
Endpoint oauth2.Endpoint
}
func (*AppCredentials) Config ¶
func (c *AppCredentials) Config() *oauth2.Config
func (*AppCredentials) Defaultify ¶
func (ac *AppCredentials) Defaultify()
type AppCredentialsWrapper ¶
type AppCredentialsWrapper struct {
Web *AppCredentials `json:"web"`
Installed *AppCredentials `json:"installed"`
}
func NewAppCredentialsWrapperFromBytes ¶
func NewAppCredentialsWrapperFromBytes(data []byte) (AppCredentialsWrapper, error)
type AuthorizationType ¶
type AuthorizationType int
const ( Anonymous AuthorizationType = iota Basic Bearer Digest NTLM Negotiate OAuth )
func (AuthorizationType) String ¶
func (a AuthorizationType) String() string
String returns the English name of the authorizationTypes ("Basic", "Bearer", ...).
type OAuth2Util ¶
type ServiceType ¶
type ServiceType int
const ( Google ServiceType = iota Facebook RingCentral Aha )
type TokenStoreFile ¶
func NewTokenStoreFile ¶
func NewTokenStoreFile(file string) *TokenStoreFile
func (*TokenStoreFile) NewTokenCliFromWeb ¶ added in v0.4.1
func (*TokenStoreFile) Read ¶
func (ts *TokenStoreFile) Read() error
func (*TokenStoreFile) Write ¶
func (ts *TokenStoreFile) Write() error
type UserCredentials ¶
UserCredentials represents a user's credentials.
Source Files
¶
Directories
¶
| Path | Synopsis |
|---|---|
|
auth0 contains a Go implementation of Auth0's PKCE support: https://auth0.com/docs/api-auth/tutorials/authorization-code-grant-pkce
|
auth0 contains a Go implementation of Auth0's PKCE support: https://auth0.com/docs/api-auth/tutorials/authorization-code-grant-pkce |
|
cmd
|
|
|
examples/send_ics
This package posts an ICS file to Gmail.
|
This package posts an ICS file to Gmail. |
|
util
|
|
Click to show internal directories.
Click to hide internal directories.