oidcauth - OIDC Client Authentication for Gin-Gonic

Usage

Download and install it:

go get github.com/TJM/gin-gonic-oidcauth

Import it in your code:

import oidcauth "github.com/TJM/gin-gonic-oidcauth"

Use it: (see complete examples)

	// NOTE: oidcauth *requires* sessions *before* oidcauth.
	// See the Examples for how to set them up.
	// Requires "net/http" and "github.com/gin-gonic/gin"; router is a *gin.Engine.

	// Authentication Config
	auth, err := oidcauth.GetOidcAuth(oidcauth.DefaultConfig())
	if err != nil {
		panic("auth setup failed")
	}
	// The /login route is optional: requesting an "AuthRequired" resource
	// initiates login, but an explicit route can be convenient.
	router.GET("/login", auth.Login)
	router.GET("/callback", auth.AuthCallback)
	router.GET("/logout", auth.Logout)

	// Private Route Group...
	private := router.Group("/private", auth.AuthRequired())
	{
		private.GET("", func(c *gin.Context) {
			c.String(http.StatusOK, "Private!")
		})
		// ...
	}
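
Why the session middleware has to run first: an OIDC client typically keeps a per-login `state` value in the session between the login redirect and the callback. The following added example (standard library only, not oidcauth's own code) shows that pattern; `Session`, `BeginLogin`, `CheckCallback`, the session key, the client ID and the IdP endpoint are assumptions for illustration.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/base64"
	"fmt"
	"net/url"
)

// Session is a hypothetical stand-in for the per-user session store.
type Session map[string]string

const stateKey = "oidc_state" // hypothetical session key

// BeginLogin stores a random state in the session and returns the IdP
// authorization URL carrying the same value.
func BeginLogin(s Session, authEndpoint, clientID, redirectURI string) (string, error) {
	buf := make([]byte, 32)
	if _, err := rand.Read(buf); err != nil {
		return "", err
	}
	s[stateKey] = base64.RawURLEncoding.EncodeToString(buf)
	q := url.Values{"response_type": {"code"}, "scope": {"openid"},
		"client_id": {clientID}, "redirect_uri": {redirectURI}, "state": {s[stateKey]}}
	return authEndpoint + "?" + q.Encode(), nil
}

// CheckCallback accepts a callback only if its state matches the stored one.
// The stored value is deleted first, so a state is usable once.
func CheckCallback(s Session, callback url.Values) error {
	want, ok := s[stateKey]
	delete(s, stateKey)
	if !ok {
		return fmt.Errorf("no login in progress for this session")
	}
	if subtle.ConstantTimeCompare([]byte(callback.Get("state")), []byte(want)) != 1 {
		return fmt.Errorf("state mismatch")
	}
	return nil
}

func main() {
	s := Session{}
	// Constructed sample values; the endpoint and client ID are placeholders.
	loginURL, _ := BeginLogin(s, "https://idp.example/auth", "example-client", "http://127.0.0.1:5556/auth/google/callback")
	u, _ := url.Parse(loginURL)
	fmt.Println("first callback:   ", CheckCallback(s, u.Query()))
	fmt.Println("replayed callback:", CheckCallback(s, u.Query()))
}
```

Without a session in place when the login handler runs, there is nothing for the callback to compare against, so the callback check fails closed.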

Examples

Prerequisites:

  • OAuth2 Identity Provider (IdP) service that supports OIDC
    • You can use something like DEX to test with.
    • Alternatively, you could also use something like:

DEX Identity Provider

The example below will use DEX IdP. Please clone their repo and start DEX in a separate window.

  • Start DEX IdP:
    ./bin/dex serve examples/config-dev.yaml
  • Start the DEX ExampleApp (example/dex/main.go):
    go run example/dex/main.go

Google Accounts Identity Provider

The example below will use Google Accounts. See: go-oidc examples readme.

NOTE: This example uses port 5556 to be compatible with the other go-oidc examples, but it will clash with "dex", which runs on the same port by default.

  • Set up Google

    1. Visit your Google Developer Console.
    2. Click "Credentials" on the left column.
    3. Click the "Create credentials" button followed by "OAuth client ID".
    4. Select "Web application" and add "http://127.0.0.1:5556/auth/google/callback" as an authorized redirect URI.
    5. Click create and add the printed client ID and secret to your environment using the following variables:
    export GOOGLE_OAUTH2_CLIENT_ID=
    export GOOGLE_OAUTH2_CLIENT_SECRET=
  • Start the Google example (example/google/main.go):
    go run example/google/main.go

License

Licensed under the Apache License, Version 2.0.