Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a method to authenticate without a config file #53

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Add a method to authenticate without a config file #53

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
0beb0bf
Add a method to authenticate without a config file
calston Apr 11, 2019
3d76b5d
Redirect to login page on auth failure
calston Apr 11, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 21 additions & 3 deletions google/google.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ import (
"crypto/rand"
"encoding/base64"
"encoding/json"
"fmt"
//"fmt"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

delete line please

"io/ioutil"
"net/http"

Expand Down Expand Up @@ -44,15 +44,18 @@ var conf *oauth2.Config
var state string
var store sessions.CookieStore

var loginURL string

func randToken() string {
b := make([]byte, 32)
rand.Read(b)
return base64.StdEncoding.EncodeToString(b)
}

// Setup the authorization path
func Setup(redirectURL, credFile string, scopes []string, secret []byte) {
func Setup(redirectURL, cLoginURL string, credFile string, scopes []string, secret []byte) {
Copy link
Contributor

@chrishalbert chrishalbert Jan 15, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wouldn't modify this function signature. Doing so will break existing functionality and require a major version increment. Could we maybe use a mutator/setter to set the loginURL, something like SetLoginURL(loginURL string)?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Or something like WithLoginURL(s string)

store = sessions.NewCookieStore(secret)
loginURL = cLoginURL
var c Credentials
file, err := ioutil.ReadFile(credFile)
if err != nil {
Expand All @@ -69,6 +72,20 @@ func Setup(redirectURL, credFile string, scopes []string, secret []byte) {
}
}

// Setup the authorization path without a config file
func SetupFromString(redirectURL, cLoginURL string, clientID string, clientSecret string, scopes []string, secret []byte) {
Copy link
Member

@szuecs szuecs Oct 16, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Function should be Setup or maybe create an Options{} struct to pass it

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are you suggesting @calston modify the existing Setup? Adding functionality with a new SetupFromString would only be a minor version update, opposed to a major version update. I'm in favor of their current implementation.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe SetupWithOptions(o Options)

store = sessions.NewCookieStore(secret)
loginURL = cLoginURL

conf = &oauth2.Config{
ClientID: clientID,
ClientSecret: clientSecret,
RedirectURL: redirectURL,
Scopes: scopes,
Endpoint: google.Endpoint,
}
}

func Session(name string) gin.HandlerFunc {
return sessions.Sessions(name, store)
}
Expand Down Expand Up @@ -102,7 +119,8 @@ func Auth() gin.HandlerFunc {
session := sessions.Default(ctx)
retrievedState := session.Get("state")
if retrievedState != ctx.Query("state") {
ctx.AbortWithError(http.StatusUnauthorized, fmt.Errorf("Invalid session state: %s", retrievedState))
ctx.Redirect(302, loginURL)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

redirect makes sense, please just drop commented lines :)

//ctx.AbortWithError(http.StatusUnauthorized, fmt.Errorf("Invalid session state: %s", retrievedState))
return
}

Expand Down