Documentation
¶
Overview ¶
Package oauthclient provides OAuth client helpers for CoreForge applications. This package contains utilities for fetching user info from OAuth providers (Google, GitHub, CoreControl) as part of the OAuth authorization code flow.
Index ¶
Constants ¶
const ( // StateCookieName is the default name for the OAuth state cookie. StateCookieName = "oauth_state" // StateCookieMaxAge is the default max age for the state cookie (5 minutes). StateCookieMaxAge = 5 * 60 )
Variables ¶
This section is empty.
Functions ¶
func GenerateState ¶
GenerateState generates a cryptographically secure random state string.
func GitHubConfig ¶
func GitHubConfig(cfg ProviderConfig) *oauth2.Config
GitHubConfig creates an OAuth2 config for GitHub.
func GoogleConfig ¶
func GoogleConfig(cfg ProviderConfig) *oauth2.Config
GoogleConfig creates an OAuth2 config for Google.
Types ¶
type CoreControlConfig ¶
type CoreControlConfig struct {
ProviderConfig
BaseURL string // CoreControl server base URL
}
CoreControlConfig holds CoreControl OAuth configuration.
func (CoreControlConfig) AuthorizationURL ¶
func (c CoreControlConfig) AuthorizationURL() string
AuthorizationURL returns the CoreControl authorization endpoint.
func (CoreControlConfig) OAuth2Config ¶
func (c CoreControlConfig) OAuth2Config() *oauth2.Config
OAuth2Config creates an OAuth2 config for CoreControl.
func (CoreControlConfig) TokenURL ¶
func (c CoreControlConfig) TokenURL() string
TokenURL returns the CoreControl token endpoint.
func (CoreControlConfig) UserInfoURL ¶
func (c CoreControlConfig) UserInfoURL() string
UserInfoURL returns the CoreControl userinfo endpoint.
type ProviderConfig ¶
type ProviderConfig struct {
ClientID string
ClientSecret string
RedirectURL string
Scopes []string
}
ProviderConfig holds OAuth configuration for a provider.
func (ProviderConfig) Enabled ¶
func (c ProviderConfig) Enabled() bool
Enabled returns true if the provider is configured.
type StateManager ¶
type StateManager struct {
CookieName string
MaxAge int
Secure bool // Set to true in production (requires HTTPS)
SameSite http.SameSite
}
StateManager handles OAuth state cookie management.
func NewStateManager ¶
func NewStateManager(secure bool) *StateManager
NewStateManager creates a state manager with sensible defaults.
func (*StateManager) SetStateCookie ¶
func (m *StateManager) SetStateCookie(w http.ResponseWriter, state string)
SetStateCookie sets the OAuth state cookie.
func (*StateManager) ValidateState ¶
func (m *StateManager) ValidateState(w http.ResponseWriter, r *http.Request, state string) bool
ValidateState validates the OAuth state against the cookie and clears it. Returns true if valid, false otherwise.
type User ¶
type User struct {
// ProviderID is the unique identifier from the OAuth provider.
ProviderID string `json:"provider_id"`
// Provider is the name of the OAuth provider (google, github, etc.).
Provider string `json:"provider"`
// Email is the user's email address.
Email string `json:"email"`
// Name is the user's display name.
Name string `json:"name"`
// AvatarURL is the URL to the user's profile picture.
AvatarURL string `json:"avatar_url,omitempty"`
// Username is the user's username (primarily for GitHub).
Username string `json:"username,omitempty"`
// AccessToken is the OAuth access token.
AccessToken string `json:"-"`
// RefreshToken is the OAuth refresh token (if provided).
RefreshToken string `json:"-"`
// TokenExpiry is when the access token expires.
TokenExpiry time.Time `json:"-"`
// Raw contains the raw user data from the provider.
Raw map[string]any `json:"raw,omitempty"`
}
User represents user information from an OAuth provider.
func FetchCoreControlUser ¶
func FetchCoreControlUser(ctx context.Context, cfg CoreControlConfig, accessToken string) (*User, error)
FetchCoreControlUser fetches user info from CoreControl using an access token.
func FetchGitHubUser ¶
FetchGitHubUser fetches user info from GitHub using an authorization code.
Source Files