New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[auth/gcp] Adding basic google web auth flow capabilities #231
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good. No tests?
I haven't quite figured out a nice strategy for mocking out the whole oauth redirect. This could definitely use some tests but they may have to wait for some brave soul to tackle. |
Yeah, covering the whole oauth flow is tricky but there are parts of the flow you can test like e.g. the header and CustomFunction bypassing, possibly also redirect. |
I've added tests to cover all the non-callback scenarios. I'll poke around and see how painful those will be. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
💯
} | ||
|
||
// use special path, expect to get through | ||
r = httptest.NewRequest(http.MethodGet, "/bobloblaw", nil) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
<3
This is bringing in my recent experimental work from github.com/jprobinson/google-webauth, which aims to ease the burden of adding the Google webauth flow to a Go server.
This comes in the form of a new "Authenticator", which manages the auth web flow but also facilitates hooks for alternate styles of service-to-service and platform authentication/authorization.
I'm going to try this out in a few of my services before bringing in, so feedback welcome!