~mpldr/oidc

260de4c6 — Moritz Poldrack 11 months ago
doc: add example for device authorization
646d3dcd — Moritz Poldrack 11 months ago
doc: update example for option functions
ddd36ab6 — Moritz Poldrack 11 months ago
device: add device grant-type grants

clone

read-only: https://git.sr.ht/~mpldr/oidc
read/write: git@git.sr.ht:~mpldr/oidc


# Oh, I don't care

OIDC stands for OpenID Connect, but honestly I just don't give a shit about its internals. What's the use of a well-known address if it's not used most of the time?! Introducing: Oh, I don't care. Taking the pain out of OIDC.

# How it works

It's really difficult:

```go
// create a config
cfg := oidc.Configure("https://sso.provi.de/application/o/my-cool-app/.well-known/openid-configuration")
cfg.SetCredentials(clientID, clientSecret)
cfg.SetScopes("openid", "email") // optional: set scopes
```
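For context on what the well-known URL passed to `oidc.Configure` points at: the added example below (not code from this project) parses an OpenID Connect discovery document and applies the checks the Discovery specification calls for, that the issuer matches the URL the document was fetched from and that every endpoint is an absolute https URL. `checkDiscovery`, the `metadata` struct and the sample document are assumptions made for illustration; this README does not say which of these checks the library performs itself.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/url"
	"strings"
)

const wellKnown = "/.well-known/openid-configuration"

// metadata is the subset of OpenID Connect Discovery 1.0 provider metadata checked here.
type metadata struct {
	Issuer                string `json:"issuer"`
	AuthorizationEndpoint string `json:"authorization_endpoint"`
	TokenEndpoint         string `json:"token_endpoint"`
	JWKSURI               string `json:"jwks_uri"`
}

// checkDiscovery (hypothetical helper) validates a document fetched from configURL.
func checkDiscovery(configURL string, doc []byte) (*metadata, error) {
	var m metadata
	if err := json.Unmarshal(doc, &m); err != nil {
		return nil, fmt.Errorf("parse discovery document: %w", err)
	}
	// The issuer must be the prefix the document was fetched from; a trailing
	// "/" on the issuer is dropped before the well-known path is appended.
	if strings.TrimSuffix(m.Issuer, "/")+wellKnown != configURL {
		return nil, fmt.Errorf("issuer %q does not match %q", m.Issuer, configURL)
	}
	// Every URL the client will follow must be absolute and use https.
	for _, f := range [][2]string{{"issuer", m.Issuer}, {"authorization_endpoint", m.AuthorizationEndpoint},
		{"token_endpoint", m.TokenEndpoint}, {"jwks_uri", m.JWKSURI}} {
		if u, err := url.Parse(f[1]); err != nil || u.Scheme != "https" || u.Host == "" {
			return nil, fmt.Errorf("%s is not an absolute https URL: %q", f[0], f[1])
		}
	}
	return &m, nil
}

func main() {
	// Constructed sample document for the URL used in the README.
	const cfgURL = "https://sso.provi.de/application/o/my-cool-app/.well-known/openid-configuration"
	doc := []byte(`{"issuer":"https://sso.provi.de/application/o/my-cool-app/",
		"authorization_endpoint":"https://sso.provi.de/application/o/authorize/",
		"token_endpoint":"https://sso.provi.de/application/o/token/", "jwks_uri":"https://sso.provi.de/application/o/my-cool-app/jwks/"}`)
	fmt.Println(checkDiscovery(cfgURL, doc))
}
```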

Then you redirect the user to the provider's authorization URL:

```go
func (a *Authenticator) signIn(w http.ResponseWriter, r *http.Request) {
	url := a.cfg.GetAuthorizationURL()
	http.Redirect(w, r, url, http.StatusTemporaryRedirect)
}
```

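And wait for the callback:

```go
func (a *Authenticator) callback(w http.ResponseWriter, r *http.Request) {
	tok, err := a.cfg.Callback(r.FormValue("code"), r.FormValue("state"))
	if err != nil {
		// keep the detail in the server log; don't echo provider errors to the client
		log.Printf("oidc callback: %v", err)
		http.Error(w, "authentication failed", http.StatusUnauthorized)
		return
	}

	// set a cookie, initialize a session, do stuff
	_ = tok // placeholder so the snippet compiles until tok is used
}
```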

# Licence

This project is licensed under the MPL-2.0 licence. See the licence header in each file.