-
Notifications
You must be signed in to change notification settings - Fork 109
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Oauth #50
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Provider is now a struct, not an interface. The constructor requires all the necessary bits. This makes it easier to put common behavior somewhere, like injecting the return URL or adding extra scopes (TBD).
this enables google oauth integration. ideally the others only need a single credential pair as well.
in some degenerate cases we must return to a failsafe url
i can't see how it's necessary here. should clean this up.
does it work now? |
yes! 🎉 i currently have it working in a demo app, and have written some basic docs for how to integrate. i've been ill the past few days, though, and haven't settled on a release plan. if you're in a position to build and try this branch that would be awesome. otherwise i'll plan on making a new release of authn with oauth in some kind of beta status. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds OAuth support to AuthN.
In this setup, AuthN hides all of the OAuth 2.0 implementation details from the main application. The main application redirects users through AuthN and then relies on the refresh endpoint to acquire an identity token.
An AuthN account may have a linked identity with each configured provider.
Only Google OAuth has been implemented, but other providers are easy to add.
Currently there is no way for the application to know if a user's session originated with OAuth. In the future, AuthN may provide the application with the user's current access token for business logic.
Outcomes
There are three success outcomes of the OAuth integration:
Failure outcomes include:
TODO
Fixes #11