github

package
v0.7.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 19, 2026 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Overview

Package github provides GitHub-based authentication middleware.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func FetchUserInfo

func FetchUserInfo(accessToken string) (*authctx.GitHubUserInfo, error)

FetchUserInfo retrieves GitHub user information using the provided access token. It fetches basic profile info and the primary email address.

func LoadAccessTokenFromFile

func LoadAccessTokenFromFile(filePath string) (*api.AccessToken, error)

LoadAccessTokenFromFile loads a GitHub access token from a file.

func ResolveAccessToken

func ResolveAccessToken(c ClientConfig) (string, error)

ResolveAccessToken determines the GitHub access token to use based on configuration. It checks environment variables if configured, falls back to a file if AccessToken is not directly provided in the config.

func SaveAccessTokenToFile

func SaveAccessTokenToFile(accessToken *api.AccessToken, authFilePath string) error

SaveAccessTokenToFile saves a GitHub access token to a file.

Types

type Authenticator

type Authenticator struct {
	Config ServerConfig
	Client *github.Client
}

Authenticator handles GitHub token validation using the GitHub API.

func NewGitHubAuthenticator

func NewGitHubAuthenticator(cfg ServerConfig) *Authenticator

NewGitHubAuthenticator creates a new GitHub Authenticator with the provided configuration.

func (*Authenticator) AuthenticateToken

func (a *Authenticator) AuthenticateToken(accessToken string) (*authctx.GitHubUserInfo, error)

AuthenticateToken verifies the provided GitHub access token against the GitHub API. It also fetches additional user information if the token is valid.

type ClientAuth

type ClientAuth struct {
	Config ClientConfig
	// contains filtered or unexported fields
}

ClientAuth implements authentication for a GitHub client.

func (ClientAuth) AddAuth

func (a ClientAuth) AddAuth(req *http.Request) error

AddAuth adds the GitHub access token to the request's Authorization header.

func (ClientAuth) HTTPClient

func (a ClientAuth) HTTPClient() *http.Client

func (ClientAuth) Token

func (a ClientAuth) Token() (*oauth2.Token, error)

Token implements the oauth2.TokenSource interface.

type ClientConfig

type ClientConfig struct {
	CommonConfig                     `mapstructure:",squash"`
	AccessToken                      string `mapstructure:"access-token"`
	AccessTokenFile                  string `mapstructure:"access-token-file"`
	EnableAccessTokenFromEnvironment bool   `mapstructure:"enable-access-token-from-environment"`
	EnvironmentVariableName          string `mapstructure:"environment-variable-name"`
}

ClientConfig contains configuration for a GitHub authentication client.

type CommonConfig

type CommonConfig struct {
	AllowInsecureHTTP bool   `mapstructure:"allow-insecure-http"`
	ClientID          string `mapstructure:"client-id"`
	ClientSecret      string `mapstructure:"client-secret"`

	// ConfigFile containing ClientID and ClientSecret
	ConfigFile string `mapstructure:"config-file"`
}

CommonConfig contains shared configuration for GitHub authentication.

type Handler

type Handler struct {
	Authenticator TokenAuthenticator
}

Handler implements GitHub token authentication.

func NewHandler

func NewHandler(cfg ServerConfig) *Handler

NewHandler creates a new GitHub authentication handler with the provided configuration.

func NewHandlerWithAuthenticator

func NewHandlerWithAuthenticator(authenticator TokenAuthenticator) *Handler

func (*Handler) AuthRequest

func (h *Handler) AuthRequest(r *http.Request) (stdctx.Context, error)

AuthRequest authenticates an HTTP request using a GitHub token. It expects a "Bearer" or "Token" Authorization header.

func (*Handler) Wrap

func (h *Handler) Wrap(handler http.Handler) http.Handler

type ServerConfig

type ServerConfig struct {
	CommonConfig `mapstructure:",squash"`

	PrincipalACLConfig authz.PrincipalACLConfig `mapstructure:"principals"`
}

ServerConfig contains configuration for a GitHub authentication server.

func FromMap

func FromMap(m map[string]any) ServerConfig

FromMap creates a ServerConfig from a map.

type TokenAuthenticator

type TokenAuthenticator interface {
	AuthenticateToken(accessToken string) (*authhttp.GitHubUserInfo, error)
}

type TokenRoundTripper

type TokenRoundTripper struct {
	Source oauth2.TokenSource
	Base   http.RoundTripper
}

TokenRoundTripper is an http.RoundTripper that adds an OAuth2 token to requests.

func (*TokenRoundTripper) RoundTrip

func (t *TokenRoundTripper) RoundTrip(req *http.Request) (*http.Response, error)

RoundTrip executes a single HTTP transaction, adding the token to the request.

type TokenSource

type TokenSource struct {
	AccessToken string
}

TokenSource implements the oauth2.TokenSource interface for a static GitHub token.

func (*TokenSource) Token

func (t *TokenSource) Token() (*oauth2.Token, error)

Token returns the static token.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL