jawsauth

package module

v0.6.0 Latest Latest Go to latest Published: Nov 14, 2024 License: MIT Imports: 16 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/linkdata/jawsauth

Links

Open Source Insights

README ¶

jawsauth

OAuth2 integration with Jaws sessions using "golang.org/x/oauth2".

Documentation ¶

Index ¶

Variables
type Config
- func (cfg *Config) Build(overrideUrl string) (oauth2cfg *oauth2.Config, err error)
- func (cfg *Config) Validate() (err error)
type EventFunc
type HandleFunc
type JawsAuth
type Server
- func New(jw *jaws.Jaws, cfg *Config, handleFn HandleFunc) (srv *Server, err error)
- func NewDebug(jw *jaws.Jaws, cfg *Config, handleFn HandleFunc, overrideUrl string) (srv *Server, err error)

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrInconsistentState = errors.New("oauth2 inconsistent state")

View Source

var ErrOAuth2MissingSession = errors.New("oauth2 missing session")

View Source

var ErrOAuth2NotConfigured = errors.New("oauth2 not configured")

View Source

var ErrOAuth2WrongState = errors.New("oauth2 wrong state")

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	RedirectURL  string   // e.g. "https://application.example.com/oauth2/callback"
	AuthURL      string   // e.g. "https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0/authorize"
	TokenURL     string   // e.g. "https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0/token"
	UserInfoURL  string   // e.g. "https://graph.microsoft.com/v1.0/me?$select=displayName,mail"
	Scopes       []string // e.g. []string{"user.read"}
	ClientID     string
	ClientSecret string
}

func (*Config) Build ¶

func (cfg *Config) Build(overrideUrl string) (oauth2cfg *oauth2.Config, err error)

Build creates a oauth2.Config. If overrideUrl is provided, it's scheme, host and port are used instead of the ones in RedirectURL. This is useful when testing.

func (*Config) Validate ¶

func (cfg *Config) Validate() (err error)

type EventFunc ¶ added in v0.3.0

type EventFunc func(sess *jaws.Session, hr *http.Request)

type HandleFunc ¶

type HandleFunc func(uri string, handler http.Handler)

type JawsAuth ¶ added in v0.6.0

type JawsAuth struct {
	// contains filtered or unexported fields
}

func (*JawsAuth) Data ¶ added in v0.6.0

func (a *JawsAuth) Data() (x map[string]any)

func (*JawsAuth) Email ¶ added in v0.6.0

func (a *JawsAuth) Email() (s string)

func (*JawsAuth) IsAdmin ¶ added in v0.6.0

func (a *JawsAuth) IsAdmin() (yes bool)

type Server ¶

type Server struct {
	Jaws            *jaws.Jaws
	SessionKey      string              // default is "oauth2userinfo", value will be of type map[string]any
	SessionEmailKey string              // default is "email", value will be of type string
	HandledPaths    map[string]struct{} // URI paths we have registered handlers for
	LoginEvent      EventFunc           // if not nil, called after a successful login
	LogoutEvent     EventFunc           // if not nil, called before logout
	// contains filtered or unexported fields
}

func New ¶

func New(jw *jaws.Jaws, cfg *Config, handleFn HandleFunc) (srv *Server, err error)

func NewDebug ¶ added in v0.2.0

func NewDebug(jw *jaws.Jaws, cfg *Config, handleFn HandleFunc, overrideUrl string) (srv *Server, err error)

func (*Server) GetAdmins ¶ added in v0.6.0

func (srv *Server) GetAdmins() (emails []string)

GetAdmins returns a sorted list of the administrator emails. If empty, everyone is considered an administrator.

func (*Server) HandleAuthResponse ¶

func (srv *Server) HandleAuthResponse(hw http.ResponseWriter, hr *http.Request)

func (*Server) HandleLogin ¶

func (srv *Server) HandleLogin(hw http.ResponseWriter, hr *http.Request)

func (*Server) HandleLogout ¶

func (srv *Server) HandleLogout(hw http.ResponseWriter, hr *http.Request)

func (*Server) Handler ¶

func (srv *Server) Handler(name string, dot any) http.Handler

Handler returns a http.Handler using a jaws.Template that requires an authenticated user. Sets the jaws Session value srv.SessionKey to what UserInfoURL returned.

func (*Server) HandlerAdmin ¶ added in v0.6.0

func (srv *Server) HandlerAdmin(name string, dot any) http.Handler

HandlerAdmin returns a http.Handler using a jaws.Template that requires an authenticated user having an email set using SetAdmins() before invoking h. Sets the jaws Session value srv.SessionKey to what UserInfoURL returned.

func (*Server) IsAdmin ¶ added in v0.6.0

func (srv *Server) IsAdmin(email string) (yes bool)

IsAdmin returns true if email belongs to an admin or if the list of admins is empty or the server is not valod.

func (*Server) Set403Handler ¶ added in v0.6.0

func (srv *Server) Set403Handler(h http.Handler)

func (*Server) SetAdmins ¶ added in v0.6.0

func (srv *Server) SetAdmins(emails []string)

SetAdmins sets the emails of administrators. If empty, everyone is considered an administrator.

func (*Server) Valid ¶ added in v0.2.0

func (srv *Server) Valid() bool

Valid returns true if OAuth2 is configured.

func (*Server) Wrap ¶

func (srv *Server) Wrap(h http.Handler) (rh http.Handler)

Wrap returns a http.Handler that requires an authenticated user before invoking h. Sets the jaws Session value srv.SessionKey to what UserInfoURL returned. If the Server is not Valid, returns h.

func (*Server) WrapAdmin ¶ added in v0.6.0

func (srv *Server) WrapAdmin(h http.Handler) (rh http.Handler)

WrapAdmin returns a http.Handler that requires an authenticated user having an email set using SetAdmins() before invoking h. Sets the jaws Session value srv.SessionKey to what UserInfoURL returned. If the Server is not Valid, returns h.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL