Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[auth/gcp] Adding basic google web auth flow capabilities #231

Merged
merged 17 commits into from Sep 24, 2019
Merged

[auth/gcp] Adding basic google web auth flow capabilities #231

merged 17 commits into from Sep 24, 2019

Conversation

jprobinson
Copy link
Contributor

This is bringing in my recent experimental work from github.com/jprobinson/google-webauth, which aims to ease the burden of adding the Google webauth flow to a Go server.

This comes in the form of a new "Authenticator", which manages the auth web flow but also facilitates hooks for alternate styles of service-to-service and platform authentication/authorization.

I'm going to try this out in a few of my services before bringing in, so feedback welcome!

oliver-nyt
oliver-nyt reviewed Sep 20, 2019
View reviewed changes
auth/gcp/authenticator.go Outdated Show resolved Hide resolved
auth/gcp/authenticator.go Outdated Show resolved Hide resolved
@jprobinson jprobinson requested review from oliver-nyt, dougdonohoe and jonoden and removed request for marwan-at-work September 23, 2019 17:06
oliver-nyt
oliver-nyt approved these changes Sep 23, 2019
View reviewed changes
Copy link
Contributor

@oliver-nyt oliver-nyt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. No tests?

auth/gcp/authenticator.go Outdated Show resolved Hide resolved
@jprobinson
Copy link
Contributor Author

I haven't quite figured out a nice strategy for mocking out the whole oauth redirect. This could definitely use some tests but they may have to wait for some brave soul to tackle.

@oliver-nyt
Copy link
Contributor

Yeah, covering the whole oauth flow is tricky but there are parts of the flow you can test like e.g. the header and CustomFunction bypassing, possibly also redirect.

@jprobinson
Copy link
Contributor Author

I've added tests to cover all the non-callback scenarios. I'll poke around and see how painful those will be.

oliver-nyt
oliver-nyt approved these changes Sep 23, 2019
View reviewed changes
Copy link
Contributor

@oliver-nyt oliver-nyt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💯

auth/gcp/authenticator_test.go
}

// use special path, expect to get through
r = httptest.NewRequest(http.MethodGet, "/bobloblaw", nil)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

<3

@jprobinson jprobinson merged commit b3ea6b3 into master Sep 24, 2019
@jprobinson jprobinson deleted the webauth branch September 24, 2019 15:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jonoden jonoden jonoden approved these changes

@oliver-nyt oliver-nyt oliver-nyt approved these changes

@scentless-apprentice scentless-apprentice Awaiting requested review from scentless-apprentice

@dougdonohoe dougdonohoe Awaiting requested review from dougdonohoe

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@jprobinson @oliver-nyt @dougdonohoe @jonoden @scentless-apprentice