Small OAuth2 client that offers an easy way to connect to Authentik

# Auth

## Easy Auth

Easy authentication for the default Go http library.

In progress.

## Low Level Lib / AuthClient

The low-level library (Auth) is a client that provides the basic OAuth2 functions without state.

### Create AuthClient

There are two ways to create an auth client. For the first one, your OAuth provider needs to provide an OpenID Configuration URL, which contains information about the OAuth server such as the URLs for authentication, token and userinfo.

To use this method, create a client like this:

```
clientConfig := ClientConfig{ClientID: "abc", ClientSecret: "def", RedirectURL: "http://myservice/auth", Scope: []string{}}
client, err := NewAuthWithConfigurationURL(clientConfig, "http://localhost:8084/openid-configuration")
```

If you don't have that URL, you can configure the client yourself:

```
clientConfig := ClientConfig{ClientID: "abc", ClientSecret: "def", RedirectURL: "http://myservice/auth", Scope: []string{}}
authConfig := AuthConfig{TokenEndpoint: "http://localhost/token", UserinfoEndpoint: "http://localhost/user", AuthorizationEndpoint: "http://localhost/auth"}
client, err := NewAuthWithConfig(clientConfig, authConfig)
```

The RedirectURL and the Scope are part of the config object because they are used in the auth request and the token requests.

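
As an added example (not code from this project), the following shows what reading an OpenID configuration document involves: it extracts the three endpoint URLs named above and rejects documents with missing or non-HTTPS endpoints, since the client secret and tokens travel to those URLs. The `Endpoints` type, `ParseDiscovery`, the `allowHTTP` switch and the `idp.example` URLs are assumptions made for the illustration; the JSON field names are the standard OpenID Connect discovery metadata names.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"net/url"
	"strings"
)

// Endpoints holds the three URLs the README's AuthConfig carries (local type for this example).
type Endpoints struct {
	AuthorizationEndpoint string `json:"authorization_endpoint"`
	TokenEndpoint         string `json:"token_endpoint"`
	UserinfoEndpoint      string `json:"userinfo_endpoint"`
}

// ParseDiscovery decodes an OpenID configuration document and rejects it when an endpoint
// is missing, not an absolute URL, or not https (http passes only if allowHTTP is set).
func ParseDiscovery(r io.Reader, allowHTTP bool) (Endpoints, error) {
	var ep Endpoints
	if err := json.NewDecoder(io.LimitReader(r, 1<<20)).Decode(&ep); err != nil {
		return Endpoints{}, fmt.Errorf("decode openid configuration: %w", err)
	}
	for name, raw := range map[string]string{
		"authorization_endpoint": ep.AuthorizationEndpoint,
		"token_endpoint":         ep.TokenEndpoint,
		"userinfo_endpoint":      ep.UserinfoEndpoint,
	} {
		u, err := url.Parse(raw)
		if err != nil || u.Host == "" {
			return Endpoints{}, errors.New(name + ": missing or not an absolute URL")
		}
		if u.Scheme != "https" && !(allowHTTP && u.Scheme == "http") {
			return Endpoints{}, errors.New(name + ": scheme " + u.Scheme + " not allowed")
		}
	}
	return ep, nil
}

// sampleDoc is a constructed discovery document, not output from a real server.
const sampleDoc = `{"issuer":"https://idp.example","authorization_endpoint":"https://idp.example/auth",
"token_endpoint":"https://idp.example/token","userinfo_endpoint":"https://idp.example/user"}`

func main() {
	ep, err := ParseDiscovery(strings.NewReader(sampleDoc), false)
	fmt.Println(ep, err)
}
```
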
### Redirect User to OAuth Login Page

To start the authentication process you need to redirect the user to the OAuth server. You can get the URL by calling the GetAuthorizationURL method:

```
url, err := client.GetAuthorizationURL("")
```

The parameter for that function is the scope. The OAuth server will return that parameter to the redirect URL.

### Get Access Token from Code (from the Redirect Page)

To get the access token (and the refresh token, if provided) you need the code parameter that the OAuth server provides via GET request.

```
code := "The code from the get parameter from the oAuth server"
token, err := client.GetTokenFromCode(code)
```

TODO: function should return scope variable as well

### Get User Information with

To get the user information you need to create your own struct based on the output from the OAuth provider. If you only use the SUB ID, you can use the User struct from the package. If you work with the default Authentik configuration, you can use the AuthentikUser struct of the project.

```
userInfo := AuthentikUser{}
err = client.GetUserInfo(token.AccessToken, &userInfo)
```

It will return an error if the access token is expired.

TODO: Refresh Token

# Links

* https://www.oauth.com/oauth2-servers/authorization/the-authorization-request/
* https://connect2id.com/products/server/docs/api/token