Documentation
¶
Variables ¶
// ErrVerifiedEmailRequired is a sentinel error carrying the message
// "verified email required". Compare against it with errors.Is rather than by
// matching the message text.
// NOTE(review): presumably returned by a provider's Exchange when the upstream
// account has no verified email address; the code that returns it is not shown
// here, so confirm which providers enforce the check.
var ErrVerifiedEmailRequired = errors.New("verified email required")
Functions ¶
func UserMiddleware ¶
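UserMiddleware reads the authenticated user ID from the SCS session and injects a SessionUser into the request context. Requests with no session or an invalid user ID continue unauthenticated. Because the middleware passes such requests on rather than rejecting them, any handler that requires a logged-in user needs its own check that a SessionUser is present in the context.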
Types ¶
type AuthRequestOptions ¶
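Provider abstracts a single OAuth2/OIDC login flow. (This sentence describes the Provider interface; AuthRequestOptions itself has no description on this page.)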
type ExchangeOptions ¶
type GitHubProvider ¶
// GitHubProvider is the GitHub login backend, built with NewGitHubProvider
// from a client ID, client secret and callback URL. Its methods (Name,
// AuthCodeURL, Exchange) have the same signatures as the Provider interface.
// Its AuthCodeURL and Exchange name the options parameter "_", so whatever
// AuthRequestOptions and ExchangeOptions carry is not used for GitHub logins.
type GitHubProvider struct {
// contains filtered or unexported fields
}
func NewGitHubProvider ¶
func NewGitHubProvider(clientID, clientSecret, callbackURL string) *GitHubProvider
func (*GitHubProvider) AuthCodeURL ¶
func (p *GitHubProvider) AuthCodeURL(state string, _ AuthRequestOptions) string
func (*GitHubProvider) Exchange ¶
func (p *GitHubProvider) Exchange(ctx context.Context, code string, _ ExchangeOptions) (Identity, error)
func (*GitHubProvider) Name ¶
func (p *GitHubProvider) Name() string
type Identity ¶
// Identity is the normalised result from any OAuth2/OIDC provider, as returned
// by the Exchange methods.
//
// NOTE(review): ProviderID is described as the stable subject ID, so the pair
// (Provider, ProviderID) looks like the intended key for recognising a
// returning user. Confirm that callers do not match or link accounts on Email
// alone, since an email address is an attribute reported by the provider
// rather than an identifier.
type Identity struct {
// Provider is the provider discriminator. NewOIDCProvider's documentation
// gives "oidc" and "entra" as example slugs, so the list below may not be
// exhaustive.
Provider string // "github" | "oidc"
ProviderID string // stable subject ID
// NOTE(review): whether Email is guaranteed to be verified is not visible
// here; ErrVerifiedEmailRequired suggests a check exists, but confirm where
// it is enforced.
Email string
Name string
}
Identity is the normalised result from any OAuth2/OIDC provider.
type OIDCProvider ¶
// OIDCProvider is the OpenID Connect login backend. It is built by
// NewOIDCProvider (generic issuer URL) or NewEntraIDProvider (Microsoft Entra
// ID v2.0 endpoint for a tenant); both constructors return an error as well as
// the provider. Its methods (Name, AuthCodeURL, Exchange) have the same
// signatures as the Provider interface and, unlike GitHubProvider's, name the
// opts parameter.
type OIDCProvider struct {
// contains filtered or unexported fields
}
func NewEntraIDProvider ¶
func NewEntraIDProvider(ctx context.Context, tenantID, clientID, clientSecret, callbackURL string) (*OIDCProvider, error)
NewEntraIDProvider constructs an OIDCProvider pointed at the Microsoft Entra ID v2.0 endpoint for the given tenant.
func NewOIDCProvider ¶
func NewOIDCProvider(ctx context.Context, name, issuerURL, clientID, clientSecret, callbackURL string) (*OIDCProvider, error)
NewOIDCProvider creates a generic OIDC provider. name is the slug used in callback URLs and stored as the provider discriminator (e.g. "oidc", "entra").
func (*OIDCProvider) AuthCodeURL ¶
func (p *OIDCProvider) AuthCodeURL(state string, opts AuthRequestOptions) string
func (*OIDCProvider) Exchange ¶
func (p *OIDCProvider) Exchange(ctx context.Context, code string, opts ExchangeOptions) (Identity, error)
func (*OIDCProvider) Name ¶
func (p *OIDCProvider) Name() string
type Provider ¶
// Provider abstracts a single OAuth2/OIDC login flow. GitHubProvider and
// OIDCProvider both expose these three methods.
type Provider interface {
// Name returns the slug used in callback URLs (e.g. "github").
Name() string
// AuthCodeURL returns the redirect URL the browser should visit.
// NOTE(review): state is presumably the OAuth2 anti-CSRF value. If so, the
// caller has to generate it unpredictably for each login attempt, bind it to
// the browser session, and compare it when the callback arrives — confirm
// against the callback handler.
AuthCodeURL(state string, opts AuthRequestOptions) string
// Exchange completes the flow: exchanges the code and returns an Identity.
// NOTE(review): state is not a parameter here, so unless ExchangeOptions
// carries it (its fields are not shown) the state comparison has to happen
// in the caller before Exchange is invoked.
Exchange(ctx context.Context, code string, opts ExchangeOptions) (Identity, error)
}