auth

package
v0.2.52 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 27, 2020 License: MIT Imports: 26 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var AuthInfoURL string

AuthInfoURL is the URL to get information of your token

View Source 
var (
	// DefaultConfig is the default middleware config.
	DefaultConfig = Config{
		ErrorHandleFunc: func(ctx *gin.Context, err error) {
			ctx.AbortWithError(500, err)
		},
		TokenKey: "github.com/go-oauth2/gin-server/access-token",
		Skipper: func(_ *gin.Context) bool {
			return false
		},
	}
)
View Source 
var Transport = http.Transport{}

Transport to use for client http connections to AuthInfoURL

View Source 
var VarianceTimer time.Duration = 30000 * time.Millisecond

VarianceTimer controls the max runtime of Auth() and AuthChain() middleware

Functions

func Auth 

func Auth(accessCheckFunction AccessCheckFunction, endpoints oauth2.Endpoint) gin.HandlerFunc

Router middleware that can be used to get an authenticated and authorized service for the whole router group. Example: 

     var endpoints oauth2.Endpoint = oauth2.Endpoint{
	        AuthURL:  "https://token.oauth2.corp.com/access_token",
	        TokenURL: "https://oauth2.corp.com/corp/oauth2/tokeninfo",
     }
     var acl []ginoauth2.AccessTuple = []ginoauth2.AccessTuple{{"employee", 1070, "sszuecs"}, {"employee", 1114, "njuettner"}}
     router := gin.Default()
	private := router.Group("")
	private.Use(ginoauth2.Auth(ginoauth2.UidCheck, ginoauth2.endpoints))
	private.GET("/api/private", func(c *gin.Context) {
		c.JSON(200, gin.H{"message": "Hello from private"})
	})

func AuthChain 

func AuthChain(endpoints oauth2.Endpoint, accessCheckFunctions ...AccessCheckFunction) gin.HandlerFunc

AuthChain is a router middleware that can be used to get an authenticated and authorized service for the whole router group. Similar to Auth, but takes a chain of AccessCheckFunctions and only fails if all of them fails. Example: 

     var endpoints oauth2.Endpoint = oauth2.Endpoint{
	        AuthURL:  "https://token.oauth2.corp.com/access_token",
	        TokenURL: "https://oauth2.corp.com/corp/oauth2/tokeninfo",
     }
     var acl []ginoauth2.AccessTuple = []ginoauth2.AccessTuple{{"employee", 1070, "sszuecs"}, {"employee", 1114, "njuettner"}}
     router := gin.Default()
	    private := router.Group("")
     checkChain := []AccessCheckFunction{
         ginoauth2.UidCheck,
         ginoauth2.GroupCheck,
     }
     private.Use(ginoauth2.AuthChain(checkChain, ginoauth2.endpoints))
     private.GET("/api/private", func(c *gin.Context) {
         c.JSON(200, gin.H{"message": "Hello from private"})
     })

func Facebook 

func Facebook(conf *oauth2.Config) macaron.Handler

Facebook returns a new Facebook OAuth 2.0 backend endpoint.

func Github 

func Github(conf *oauth2.Config) macaron.Handler

Github returns a new Github OAuth 2.0 backend endpoint.

func Google 

func Google(conf *oauth2.Config) macaron.Handler

Google returns a new Google OAuth 2.0 backend endpoint.

func HandleAuthorizeRequest 

func HandleAuthorizeRequest(c *gin.Context)

HandleAuthorizeRequest the authorization request handling

func HandleTokenRequest 

func HandleTokenRequest(c *gin.Context)

HandleTokenRequest token request handling

func HandleTokenVerify 

func HandleTokenVerify(config ...Config) gin.HandlerFunc

HandleTokenVerify Verify the access token of the middleware

func Init 

func Init(g *gin.RouterGroup)

func InitServer 

func InitServer(manager oauth2.Manager) *server.Server

InitServer Initialize the service

func LinkedIn 

func LinkedIn(conf *oauth2.Config) macaron.Handler

LinkedIn returns a new LinkedIn OAuth 2.0 backend endpoint.

func NewOAuth2Provider 

func NewOAuth2Provider(conf *oauth2.Config) macaron.Handler

NewOAuth2Provider returns a generic OAuth 2.0 backend endpoint.

func RequestAuthInfo 

func RequestAuthInfo(t *oauth2.Token) ([]byte, error)

func SetAccessTokenExpHandler 

func SetAccessTokenExpHandler(handler server.AccessTokenExpHandler)

SetAccessTokenExpHandler set expiration date for the access token

func SetAllowGetAccessRequest 

func SetAllowGetAccessRequest(allow bool)

SetAllowGetAccessRequest to allow GET requests for the token

func SetAllowedGrantType 

func SetAllowedGrantType(types ...oauth2.GrantType)

SetAllowedGrantType allow the grant types

func SetAllowedResponseType 

func SetAllowedResponseType(types ...oauth2.ResponseType)

SetAllowedResponseType allow the authorization types

func SetAuthorizeScopeHandler 

func SetAuthorizeScopeHandler(handler server.AuthorizeScopeHandler)

SetAuthorizeScopeHandler set scope for the access token

func SetClientAuthorizedHandler 

func SetClientAuthorizedHandler(handler server.ClientAuthorizedHandler)

SetClientAuthorizedHandler check the client allows to use this authorization grant type

func SetClientInfoHandler 

func SetClientInfoHandler(handler server.ClientInfoHandler)

SetClientInfoHandler get client info from request

func SetClientScopeHandler 

func SetClientScopeHandler(handler server.ClientScopeHandler)

SetClientScopeHandler check the client allows to use scope

func SetExtensionFieldsHandler 

func SetExtensionFieldsHandler(handler server.ExtensionFieldsHandler)

SetExtensionFieldsHandler in response to the access token with the extension of the field

func SetInternalErrorHandler 

func SetInternalErrorHandler(handler server.InternalErrorHandler)

SetInternalErrorHandler internal error handling

func SetPasswordAuthorizationHandler 

func SetPasswordAuthorizationHandler(handler server.PasswordAuthorizationHandler)

SetPasswordAuthorizationHandler get user id from username and password

func SetRefreshingScopeHandler 

func SetRefreshingScopeHandler(handler server.RefreshingScopeHandler)

SetRefreshingScopeHandler check the scope of the refreshing token

func SetResponseErrorHandler 

func SetResponseErrorHandler(handler server.ResponseErrorHandler)

SetResponseErrorHandler response error handling

func SetTokenType 

func SetTokenType(tokenType string)

SetTokenType token type

func SetUserAuthorizationHandler 

func SetUserAuthorizationHandler(handler server.UserAuthorizationHandler)

SetUserAuthorizationHandler get user id from request authorization

Types

type AccessCheckFunction 

type AccessCheckFunction func(tc *TokenContainer, ctx *gin.Context) bool

AccessCheckFunction is a function that checks if a given token grants access.

type Config 

type Config struct {
	// error handling when starting the session
	ErrorHandleFunc ErrorHandleFunc
	// keys stored in the context
	TokenKey string
	// defines a function to skip middleware.Returning true skips processing
	// the middleware.
	Skipper func(*gin.Context) bool
}

Config defines the config for Session middleware

type ErrorHandleFunc 

type ErrorHandleFunc func(*gin.Context, error)

ErrorHandleFunc error handling function

type TokenContainer 

type TokenContainer struct {
	Token     *oauth2.Token
	Scopes    map[string]interface{} // LDAP record vom Benutzer (cn, ..
	GrantType string                 // password, ??
	Realm     string                 // services, employees
}

TokenContainer stores all relevant token information

func GetTokenContainer 

func GetTokenContainer(token *oauth2.Token) (*TokenContainer, error)

func ParseTokenContainer 

func ParseTokenContainer(t *oauth2.Token, data map[string]interface{}) (*TokenContainer, error)

func (*TokenContainer) Valid 

func (t *TokenContainer) Valid() bool

TokenContainer

Validates that the AccessToken within TokenContainer is not expired and not empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.