package module
Version: v0.0.0-...-d788de3 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Jul 12, 2020 License: MIT Imports: 13 Imported by: 0


OAuth1 Module for Authboss

User Auth via OAuth1

Info and Requirements
Module oauth1
Pages None
Routes /oauth1/{provider}, /oauth1/callback/{provider}
Emails None
Middlewares LoadClientStateMiddleware
ClientStorage Session
ServerStorer OAuth1ServerStorer
User OAuth1User
Values None
Mailer None

This is a tougher implementation than most modules because there's a lot going on. In addition to the requirements stated above, you must also configure the oauth1.Providers. It's a public variable in the module.

import oauth1 "github.com/stephenafamo/authboss-oauth1"

oauth1.Providers = map[string]oauth1.Provider{}

The providers require an oauth1 configuration that's typical for the Go oauth1 package, but in addition to that they need a FindUserDetails method which has to take the token that's retrieved from the oauth1 provider, and call an endpoint that retrieves details about the user (at LEAST user's uid). These parameters are returned in map[string]string form and passed into the oauth1.ServerStorer.

Please see the following documentation for more details:



Package oauth1 allows users to be created and authenticated via oauth1 services like facebook, google etc. Currently only the web server flow is supported.

The general flow looks like this:

  1. User goes to Start handler and has his session packed with goodies then redirects to the OAuth service.
  2. OAuth service returns to OAuthCallback which checks that everything is ok. It uses the token received to get an access token and secret from the oauth1 library
  3. Calls the OAuth1Provider.FindUserDetails which should return the user's details in a generic form.
  4. Passes the user details into the ServerStorer.NewFromOAuth1 in order to create a user object we can work with.
  5. Saves the user in the database, logs them in, redirects.

In order to do this there are a number of parts:

  1. The configuration of a provider (handled by OAuth1Providers).
  2. The flow of redirection of client, parameter passing etc (handled by this package)
  3. The HTTP call to the service once a token has been retrieved to get user details (handled by OAuth1Provider.FindUserDetails)
  4. The creation of a user from the user details returned from the FindUserDetails (authboss.ServerStorer)

Of these parts, the responsibility of the authboss library consumer is on 1, 3, and 4. Configuration of providers that should be used is totally up to the consumer. The FindUserDetails function is typically up to the user, but we have some basic ones included in this package too. The creation of users from the FindUserDetail's map[string]string return is handled as part of the implementation of the ServerStorer.



View Source
const (
	// SessionOAuth1Secret is the request secret created during the login flow.
	SessionOAuth1Secret = "oauth1_secret"
	// SessionOAuth1Params is the additional settings for oauth
	// like redirection/remember.
	SessionOAuth1Params = "oauth1_params"
	// EventOAuth1Fail For Authboss events
	EventOAuth1     authboss.Event = 233234 // random to avoid collision
	EventOAuth1Fail authboss.Event = 249847 // random to avoid collision

	FormValueOAuth1Redir = "redir"

FormValue constants


View Source
var (
	// Providers are the registered OAuth1 providers
	Providers = make(map[string]Provider)
	// LoginOK is the path to redirec to on a successful login
	LoginOK = "/"
	// LoginNotOK is the path to redirec to on a failed login
	LoginNotOK = "/"


func MakeOAuth1PID

func MakeOAuth1PID(provider, uid string) string

MakeOAuth1PID is used to create a pid for users that don't have an e-mail address or username in the normal system. This allows all the modules to continue to working as intended without having a true primary id. As well as not having to divide the regular and oauth stuff all down the middle.

func ParseOAuth1PID

func ParseOAuth1PID(pid string) (provider, uid string, err error)

ParseOAuth1PID returns the uid and provider for a given OAuth1 pid

func TwitterFindUserDetails

func TwitterFindUserDetails(ctx context.Context, config oauth1.Config, token oauth1.Token) (map[string]string, error)

TwitterFindUserDetails will go to Twitter and access basic information about the user.


type Config

type Config = oauth1.Config

Config is the configuration for oauth1

type OAuth1

type OAuth1 struct {

OAuth1 module

func (*OAuth1) End

func (o *OAuth1) End(w http.ResponseWriter, r *http.Request) error

End the oauth1 process, this is the handler for the oauth1 callback that the third party will redirect to.

func (*OAuth1) Init

func (o *OAuth1) Init(ab *authboss.Authboss) error

Init module

func (*OAuth1) Start

func (o *OAuth1) Start(w http.ResponseWriter, r *http.Request) error

Start the oauth1 process

type Provider

type Provider struct {
	Config           *oauth1.Config
	AdditionalParams url.Values
	FindUserDetails  func(context.Context, oauth1.Config, oauth1.Token) (map[string]string, error)

Provider represents all we need to register an OAuth1 Provider

func TwitterProvider

func TwitterProvider(key, secret string) Provider

TwitterProvider is a helper function to created a twitter oauth1 provider

type RMTrue

type RMTrue struct{}

RMTrue is a dummy struct implementing authboss.RememberValuer in order to tell the remember me module to remember them.

func (RMTrue) GetShouldRemember

func (RMTrue) GetShouldRemember() bool

GetShouldRemember always returns true

type ServerStorer

type ServerStorer interface {

	// NewFromOAuth1 should return an OAuth1User from a set
	// of details returned from OAuth1Provider.FindUserDetails
	// A more in-depth explanation is that once we've got an access token
	// for the service in question (say a service that rhymes with book)
	// the FindUserDetails function does an http request to a known endpoint
	// that provides details about the user, those details are captured in a
	// generic way as map[string]string and passed into this function to be
	// turned into a real user.
	// It's possible that the user exists in the database already, and so
	// an attempt should be made to look that user up using the details.
	// Any details that have changed should be updated. Do not save the user
	// since that will be done later by ServerStorer.SaveOAuth1()
	NewFromOAuth1(ctx context.Context, provider string, details map[string]string) (User, error)

	// SaveOAuth1 has different semantics from the typical ServerStorer.Save,
	// in this case we want to insert a user if they do not exist.
	// The difference must be made clear because in the non-oauth1 case,
	// we know exactly when we want to Create vs Update. However since we're
	// simply trying to persist a user that may have been in our database,
	// but if not should already be (since you can think of the operation as
	// a caching of what's on the oauth1 provider's servers).
	SaveOAuth1(ctx context.Context, user User) error

ServerStorer has the ability to create users from data from the provider.

func EnsureCanOAuth1

func EnsureCanOAuth1(storer authboss.ServerStorer) ServerStorer

EnsureCanOAuth1 makes sure the server storer supports oauth1 creation and lookup

type Token

type Token = oauth1.Token

Token represents an access token

type User

type User interface {

	// IsOAuth1User checks to see if a user was registered in the site as an
	// oauth1 user.
	IsOAuth1User() bool

	GetOAuth1UID() (uid string)
	GetOAuth1Provider() (provider string)
	GetOAuth1AccessToken() (token string)
	GetOAuth1AccessSecret() (secret string)

	PutOAuth1AccessToken(token string)
	PutOAuth1AccessSecret(secret string)

User allows reading and writing values relating to OAuth1

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL