oauth2 package - github.com/aarondl/authboss/v3/oauth2 - Go Packages (original) (raw)

Package oauth2 allows users to be created and authenticated via oauth2 services like facebook, google etc. Currently only the web server flow is supported.

The general flow looks like this:

1. User goes to Start handler and has his session packed with goodies then redirects to the OAuth service.
2. OAuth service returns to OAuthCallback which extracts state and parameters and generally checks that everything is ok. It uses the token received to get an access token from the oauth2 library
3. Calls the OAuth2Provider.FindUserDetails which should return the user's details in a generic form.
4. Passes the user details into the OAuth2ServerStorer.NewFromOAuth2 in order to create a user object we can work with.
5. Saves the user in the database, logs them in, redirects.

In order to do this there are a number of parts:

1. The configuration of a provider (handled by authboss.Config.Modules.OAuth2Providers).
2. The flow of redirection of client, parameter passing etc (handled by this package)
3. The HTTP call to the service once a token has been retrieved to get user details (handled by OAuth2Provider.FindUserDetails)
4. The creation of a user from the user details returned from the FindUserDetails (authboss.OAuth2ServerStorer)
5. The special casing of the ServerStorer implementation's Load() function to deal properly with incoming OAuth2 pids. See authboss.ParseOAuth2PID as a way to do this.

Of these parts, the responsibility of the authboss library consumer is on 1, 3, 4, and 5. Configuration of providers that should be used is totally up to the consumer. The FindUserDetails function is typically up to the user, but we have some basic ones included in this package too. The creation of users from the FindUserDetail's map[string]string return is handled as part of the implementation of the OAuth2ServerStorer.

• Constants
• func FacebookUserDetails(ctx context.Context, cfg oauth2.Config, token *oauth2.Token) (map[string]string, error)
• func GoogleUserDetails(ctx context.Context, cfg oauth2.Config, token *oauth2.Token) (map[string]string, error)
• type OAuth2
• • func (o *OAuth2) End(w http.ResponseWriter, r *http.Request) error
  • func (o *OAuth2) Init(ab *authboss.Authboss) error
  • func (o *OAuth2) Start(w http.ResponseWriter, r *http.Request) error
• type RMTrue
• • func (RMTrue) GetShouldRemember() bool

View Source

const ( FormValueOAuth2State = "state" FormValueOAuth2Redir = "redir" )

FormValue constants

View Source

const ( OAuth2UID = "uid" OAuth2Email = "email" OAuth2Name = "name" )

Constants for returning in the FindUserDetails call

This section is empty.

FacebookUserDetails can be used as a FindUserDetails function for an authboss.OAuth2Provider

GoogleUserDetails can be used as a FindUserDetails function for an authboss.OAuth2Provider

OAuth2 module

End the oauth2 process, this is the handler for the oauth2 callback that the third party will redirect to.

RMTrue is a dummy struct implementing authboss.RememberValuer in order to tell the remember me module to remember them.

func (RMTrue) GetShouldRemember() bool

GetShouldRemember always returns true