minimock | ||
.gitignore | ||
auth.go | ||
auth_test.go | ||
config.go | ||
docker-compose.yml | ||
errors.go | ||
go.mod | ||
go.sum | ||
Readme.md |
Small oAuth2 Client to have an easy way to connect to Authentik
Auth
Low Level Lib / AuthClient
The Low Level Lib (Auth) is a Client to provied the basic oAuth2 functions without state.
Create AuthClient
To create a auth client there are two ways. For the first one your oauth privider need to provide an OpenID Configuration URL which contains information about the oAuth server like the urls for autentification, token and userinfo.
To use this method you create a Client like this:
clientConfig := ClientConfig{ClientID: "abc", ClientSecret: "def", RedirectURL: "htttp://myservice/auth", Scope: []string{}}
client, err := NewAuthWithConfigurationURL(clientConfig, "http://localhost:8084/openid-configuration")
If you dont have that url you can configure the Client by yourself:
clientConfig := ClientConfig{ClientID: "abc", ClientSecret: "def", RedirectURL: "htttp://myservice/auth", Scope: []string{}}
authConfig := AuthConfig{TokenEndpoint: "http://localhost/token", UserinfoEndpoint: "http://localhost/user", AuthorizationEndpoint: "http://localhost/auth"}
client, err := NewAuthWithConfig(clientConfig, authConfig)
The RedirectURL and the scope is part of the Config Object because its used in the Auth Request and the Token Requests.
Redirect User to oAuth Login Page
To start the autentification process you need to redirect the User to the oAuth Server. You can get the URL by calling the GetAuthorizationURL methode
url, err := client.GetAuthorizationURL("")
The parameter for that function is the scope. The oAuth Server will retrn that parameter to the redirect url.
Get Accesstoken from code (from the redirect page)
To get the Access (and Refresh Token if providet) you need the code Paramter the oAuth Server will provide via get request.
code := "The code from the get parameter from the oAuth server"
token, err := client.GetTokenFromCode(code)
TODO: function should return scope variabel as well
Get User Infroamtion with
To get the User Information you need to create a own Struct based on the outpute from the oAuth Provider. If you just use the SUB ID you can use the User struct from the package. If you work with the default Authentik configuration you can use AuthentikUser struct of the Project.
userInfo := AuthentikUser{}
err = client.GetUserInfo(token.AccessToken, &userInfo)
it will return an error if the accesstoken is exoired.
TODO: Refresh Token