mirror of
https://github.com/go-gitea/gitea.git
synced 2024-12-15 09:47:39 +08:00
12a1f914f4
* update github.com/alecthomas/chroma v0.8.0 -> v0.8.1 * github.com/blevesearch/bleve v1.0.10 -> v1.0.12 * editorconfig-core-go v2.1.1 -> v2.3.7 * github.com/gliderlabs/ssh v0.2.2 -> v0.3.1 * migrate editorconfig.ParseBytes to Parse * github.com/shurcooL/vfsgen to 0d455de96546 * github.com/go-git/go-git/v5 v5.1.0 -> v5.2.0 * github.com/google/uuid v1.1.1 -> v1.1.2 * github.com/huandu/xstrings v1.3.0 -> v1.3.2 * github.com/klauspost/compress v1.10.11 -> v1.11.1 * github.com/markbates/goth v1.61.2 -> v1.65.0 * github.com/mattn/go-sqlite3 v1.14.0 -> v1.14.4 * github.com/mholt/archiver v3.3.0 -> v3.3.2 * github.com/microcosm-cc/bluemonday 4f7140c49acb -> v1.0.4 * github.com/minio/minio-go v7.0.4 -> v7.0.5 * github.com/olivere/elastic v7.0.9 -> v7.0.20 * github.com/urfave/cli v1.20.0 -> v1.22.4 * github.com/prometheus/client_golang v1.1.0 -> v1.8.0 * github.com/xanzy/go-gitlab v0.37.0 -> v0.38.1 * mvdan.cc/xurls v2.1.0 -> v2.2.0 Co-authored-by: Lauris BH <lauris@nix.lv>
150 lines
3.4 KiB
Markdown
Vendored
# Goth: Multi-Provider Authentication for Go [![GoDoc](https://godoc.org/github.com/markbates/goth?status.svg)](https://godoc.org/github.com/markbates/goth) [![Build Status](https://github.com/markbates/goth/workflows/ci/badge.svg)](https://github.com/markbates/goth/actions) [![Go Report Card](https://goreportcard.com/badge/github.com/markbates/goth)](https://goreportcard.com/report/github.com/markbates/goth)

Package goth provides a simple, clean, and idiomatic way to write authentication
packages for Go web applications.

Unlike other similar packages, Goth lets you write OAuth, OAuth2, or any other
protocol providers, as long as they implement the `Provider` and `Session` interfaces.

This package was inspired by [https://github.com/intridea/omniauth](https://github.com/intridea/omniauth).

## Installation

```text
$ go get github.com/markbates/goth
```

## Supported Providers

* Amazon
* Apple
* Auth0
* Azure AD
* Battle.net
* Bitbucket
* Box
* Cloud Foundry
* Dailymotion
* Deezer
* DigitalOcean
* Discord
* Dropbox
* Eve Online
* Facebook
* Fitbit
* Gitea
* GitHub
* Gitlab
* Google
* Google+ (deprecated)
* Heroku
* InfluxCloud
* Instagram
* Intercom
* Kakao
* Lastfm
* Linkedin
* LINE
* Mailru
* Meetup
* MicrosoftOnline
* Naver
* Nextcloud
* OneDrive
* OpenID Connect (auto discovery)
* Paypal
* SalesForce
* Shopify
* Slack
* Soundcloud
* Spotify
* Steam
* Strava
* Stripe
* Tumblr
* Twitch
* Twitter
* Typetalk
* Uber
* VK
* Wepay
* Xero
* Yahoo
* Yammer
* Yandex

## Examples

See the [examples](examples) folder for a working application that lets users authenticate
through Twitter, Facebook, Google Plus, etc.

To run the example, either clone the source from GitHub:

```text
$ git clone git@github.com:markbates/goth.git
```

or use:

```text
$ go get github.com/markbates/goth
```

Then build and run it:

```text
$ cd goth/examples
$ go get -v
$ go build
$ ./examples
```

Now open up your browser and go to [http://localhost:3000](http://localhost:3000) to see the example.

To actually use the different providers, make sure you set the environment variables. An example is given in the `examples/main.go` file.

## Security Notes

By default, gothic uses a `CookieStore` from the `gorilla/sessions` package to store session data.

As configured, this default store (`gothic.Store`) will generate cookies with `Options`:

```go
&Options{
	Path:     "/",
	Domain:   "",
	MaxAge:   86400 * 30,
	HttpOnly: true,
	Secure:   false,
}
```

To tailor these fields for your application, you can override the `gothic.Store` variable at startup.

The following snippet shows one way to do this:

```go
key := ""             // Replace with your SESSION_SECRET or similar
maxAge := 86400 * 30  // 30 days
isProd := false       // Set to true when serving over https

store := sessions.NewCookieStore([]byte(key))
store.MaxAge(maxAge)
store.Options.Path = "/"
store.Options.HttpOnly = true // HttpOnly should always be enabled
store.Options.Secure = isProd

gothic.Store = store
```

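A regression check for the cookie attributes discussed above, as an added example that is not code from goth or Gitea. It uses only the standard library; the cookie name `_gothic_session`, the stand-in handler `setCookie` and the function `auditSessionCookie` are assumptions for illustration, and the cookie value is a constructed placeholder. In a real test suite, pass your application's own login handler instead of `setCookie`.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// cookieName is an assumption; use the session name your application configures.
const cookieName = "_gothic_session"

// setCookie (hypothetical stand-in for an app handler) emits a constructed session cookie.
func setCookie(secure bool, maxAge int) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		http.SetCookie(w, &http.Cookie{
			Name: cookieName, Value: "constructed-sample", Path: "/",
			MaxAge: maxAge, HttpOnly: true, Secure: secure,
		})
	})
}

// auditSessionCookie drives h once and lists weak attributes on the session cookie.
func auditSessionCookie(h http.Handler, maxAgeLimit int) ([]string, error) {
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, httptest.NewRequest(http.MethodGet, "/", nil))
	for _, c := range rec.Result().Cookies() {
		if c.Name != cookieName {
			continue
		}
		var findings []string
		if !c.Secure {
			findings = append(findings, "Secure is false: cookie is also sent over plain HTTP")
		}
		if !c.HttpOnly {
			findings = append(findings, "HttpOnly is false: cookie is readable from page scripts")
		}
		if c.MaxAge > maxAgeLimit {
			findings = append(findings, fmt.Sprintf("MaxAge %ds exceeds limit %ds", c.MaxAge, maxAgeLimit))
		}
		return findings, nil
	}
	return nil, fmt.Errorf("no %q cookie in response", cookieName)
}

func main() {
	fmt.Println(auditSessionCookie(setCookie(false, 86400*30), 86400)) // defaults shown above
	fmt.Println(auditSessionCookie(setCookie(true, 86400), 86400))     // tightened settings
}
```
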
## Issues

Issues always stand a significantly better chance of getting fixed if they are accompanied by a
pull request.

## Contributing

Would I love to see more providers? Certainly! Would you love to contribute one? Hopefully, yes!

1. Fork it
2. Create your feature branch (`git checkout -b my-new-feature`)
3. Write Tests!
4. Commit your changes (`git commit -am 'Add some feature'`)
5. Push to the branch (`git push origin my-new-feature`)
6. Create new Pull Request