// Returns a generic OAuth 2.0 backend endpoint.
func NewOAuth2Provider(opts *oauth2.Options, authUrl, tokenUrl string) martini.Handler {
config, err := oauth2.NewConfig(opts, authUrl, tokenUrl)
if err != nil {
panic(fmt.Sprintf("oauth2: %s", err))
}
return func(s sessions.Session, c martini.Context, w http.ResponseWriter, r *http.Request) {
if r.Method == "GET" {
switch r.URL.Path {
case PathLogin:
login(config, s, w, r)
case PathLogout:
logout(s, w, r)
case PathCallback:
handleOAuth2Callback(config, s, w, r)
}
}
tk := unmarshallToken(s)
if tk != nil {
// check if the access token is expired
if tk.IsExpired() && tk.Refresh() == "" {
s.Delete(keyToken)
tk = nil
}
}
// Inject tokens.
c.MapTo(tk, (*Tokens)(nil))
}
}
func configureWebapp(conf *WebappConfig) {
var err error
oauthCfg, err = oauth2.NewConfig(
&oauth2.Options{
ClientID: conf.ClientID,
ClientSecret: conf.ClientSecret,
RedirectURL: conf.OAuthBaseURL + "/oauth2callback",
Scopes: []string{"openid", "profile", "email", "https://www.googleapis.com/auth/userinfo.profile"},
},
"https://accounts.google.com/o/oauth2/auth",
"https://accounts.google.com/o/oauth2/token",
)
if err != nil {
log.Fatal("oauth2.NewConfig error: ", err)
}
}
func Example_config() {
conf, err := oauth2.NewConfig(&oauth2.Options{
ClientID: "YOUR_CLIENT_ID",
ClientSecret: "YOUR_CLIENT_SECRET",
RedirectURL: "YOUR_REDIRECT_URL",
Scopes: []string{"SCOPE1", "SCOPE2"},
},
"https://provider.com/o/oauth2/auth",
"https://provider.com/o/oauth2/token")
if err != nil {
log.Fatal(err)
}
// Redirect user to consent page to ask for permission
// for the scopes specified above.
url := conf.AuthCodeURL("state", "online", "auto")
fmt.Printf("Visit the URL for the auth dialog: %v", url)
// Use the authorization code that is pushed to the redirect URL.
// NewTransportWithCode will do the handshake to retrieve
// an access token and initiate a Transport that is
// authorized and authenticated by the retrieved token.
var authorizationCode string
if _, err = fmt.Scan(&authorizationCode); err != nil {
log.Fatal(err)
}
t, err := conf.NewTransportWithCode(authorizationCode)
if err != nil {
log.Fatal(err)
}
// You can use t to initiate a new http.Client and
// start making authenticated requests.
client := http.Client{Transport: t}
client.Get("...")
}
// NewConfig creates a new OAuth2 config that uses Google
// endpoints.
func NewConfig(opts *oauth2.Options) (*oauth2.Config, error) {
return oauth2.NewConfig(opts, uriGoogleAuth, uriGoogleToken)
}