Security News
Oracle Drags Its Feet in the JavaScript Trademark Dispute
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
By Sarah Gooding - Feb 07, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
github.com/grokify/oauth2more
- Version published
- Created
GoAuth
GoAuth provides helper libraries for authentication in Go, with a focus on API services. It covers OAuth 2.0, JWT, TLS client authentication and Basic Auth. A primary goal is to be able to create a *http.Client from a single JSON application definition.
Major features include:
- The base
goauthpackage is designed to provide a single file format for handling configuration of all methods of authentication, including BasicAuth, OAuth 2.0, and JWT credentials. The primary use case is to have a single JSON definition of multiple applications for multiple services which can be used to generate token and API requests. It works withgoauth/endpointsto add endpoints for known services. - Create
*http.Clientfor multiple API services. UseNewClient()functions to create*http.Clientstructs for services not supported inoauth2likeaha,metabase,ringcentral,salesforce,visa, etc. Generating*http.Clientstructs is especially useful for using with Swagger Codegen auto-generated SDKs to support different auth models. - Create OAuth 2.0 authorization code token from the command line (for test purposes). No website is needed.
- Retrieve canonical user information via helper libraries to retrieve canonical user information from services. The SCIM user schema is used for a canonical user model. This may be replaced/augmented by OIDC
userinfoin the future. - Transparently handle OAuth 2 for multiple services, e.g. a website that supports Google and Facebook auth. This is demoed in
github.com/grokify/beegoutil
Installation
$ go get github.com/grokify/goauth
Usage
Canonical User Information
ClientUtil structs satisfy the interface having SetClient() and GetSCIMUser() functions.
import(
"github.com/grokify/goauth/google"
)
// googleOAuth2HTTPClient is *http.Client from Golang OAuth2
googleClientUtil := google.NewClientUtil(googleOAuth2HTTPClient)
scimuser, err := googleClientUtil.GetSCIMUser()
import(
"github.com/grokify/goauth/facebook"
)
// fbOAuth2HTTPClient is *http.Client from Golang OAuth2
fbClientUtil := facebook.NewClientUtil(fbOAuth2HTTPClient)
scimuser, err := fbClientUtil.GetSCIMUser()
RingCentral
import(
"github.com/grokify/goauth/ringcentral"
)
// rcOAuth2HTTPClient is *http.Client from Golang OAuth2
rcClientUtil := ringcentral.NewClientUtil(rcOAuth2HTTPClient)
scimuser, err := rcClientUtil.GetSCIMUser()
Test Redirect URL
This repo comes with a generic test OAuth 2 redirect page which can be used with headless (no-UI) apps. To use this test URL, configure the following URL to be your OAuth 2 redirect URI. This will write the Authorization Code in the HTMl which you can then copy and paste into your own app.
The URL is located here:
Example App
See the following repo for a Beego-based demo app:
FAQs
Unknown package
Package last updated on 13 Jan 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Linux Foundation Warns Open Source Developers: Compliance with Sanctions Is Not Optional
The Linux Foundation is warning open source developers that compliance with global sanctions is mandatory, highlighting legal risks and restrictions on contributions.
By Sarah Gooding - Feb 06, 2025
Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
By Sarah Gooding - Feb 06, 2025