go-oidc
Updates from v2 to v3
There were two breaking changes made to the v3 branch. The import path has changed from:
github.com/coreos/go-oidc
to:
github.com/coreos/go-oidc/v3/oidc
And the return type of `NewRemoteKeySet()` is now `*RemoteKeySet` instead of an interface (#262).
OpenID Connect support for Go
This package enables OpenID Connect support for the golang.org/x/oauth2 package.

```go
provider, err := oidc.NewProvider(ctx, "https://accounts.google.com")
if err != nil {
	// handle error
}

// Configure an OpenID Connect aware OAuth2 client.
oauth2Config := oauth2.Config{
	ClientID:     clientID,
	ClientSecret: clientSecret,
	RedirectURL:  redirectURL,

	// Discovery returns the OAuth2 endpoints.
	Endpoint: provider.Endpoint(),

	// "openid" is a required scope for OpenID Connect flows.
	Scopes: []string{oidc.ScopeOpenID, "profile", "email"},
}
```
OAuth2 redirects are unchanged.
```go
func handleRedirect(w http.ResponseWriter, r *http.Request) {
	http.Redirect(w, r, oauth2Config.AuthCodeURL(state), http.StatusFound)
}
```
Then, on responses, the provider can be used to verify ID Tokens.
```go
var verifier = provider.Verifier(&oidc.Config{ClientID: clientID})

func handleOAuth2Callback(w http.ResponseWriter, r *http.Request) {
	// Verify state and errors.

	oauth2Token, err := oauth2Config.Exchange(ctx, r.URL.Query().Get("code"))
	if err != nil {
		// handle error
		return
	}

	// Extract the ID Token from OAuth2 token.
	rawIDToken, ok := oauth2Token.Extra("id_token").(string)
	if !ok {
		// handle missing token
		return
	}

	// Parse and verify ID Token payload.
	idToken, err := verifier.Verify(ctx, rawIDToken)
	if err != nil {
		// handle error; do not use idToken when verification fails
		return
	}

	// Extract custom claims
	var claims struct {
		Email    string `json:"email"`
		Verified bool   `json:"email_verified"`
	}
	if err := idToken.Claims(&claims); err != nil {
		// handle error
		return
	}
}
```
Directories
Path | Synopsis |
---|---|
example | |
idtoken (command) | This is an example application to demonstrate parsing an ID Token. |
userinfo (command) | This is an example application to demonstrate querying the user info endpoint. |
oidc | Package oidc implements OpenID Connect client logic for the golang.org/x/oauth2 package. |
oidctest | Package oidctest implements a test OpenID Connect server. |