Working client.

Welp, I know it works. I don't have any tests. Some of this could be tested, but a lot of it I'm not so sure about until I have a server implementation to go along with it (and even then I'm unsure, since it'll still need an actual oAuth provider...). One big gotcha is that this uses a G5 fork of the oauth2 library because of reasons you can read about there.
G5 · Oct 21, 2015 · 2c0e495 · 2c0e495
commit 2c0e495
Show file tree

Hide file tree

Showing 2 changed files with 95 additions and 0 deletions.
diff --git a/client/client.go b/client/client.go
@@ -0,0 +1,26 @@
+package client
+
+import (
+	"net/http"
+
+	"github.com/G5/oauth2"
+	"golang.org/x/net/context"
+)
+
+// PasswordAuthenticatedClientFromConfig handles some boilerplate for
+// service-to-service username/password authenticated client creation for you.
+// Config should likely be created by one of the convenience functions in
+// gog5auth/client, username and password should for the service account, and
+// ctx is optional.
+func PasswordAuthenticatedClientFromConfig(conf *oauth2.Config, username, password string, ctx context.Context) (*http.Client, error) {
+	if ctx == nil {
+		ctx = context.Background()
+	}
+
+	token, err := conf.PasswordCredentialsToken(ctx, username, password)
+	if err != nil {
+		return nil, err
+	}
+
+	return conf.Client(ctx, token), nil
+}
diff --git a/client/config.go b/client/config.go
@@ -0,0 +1,69 @@
+package client
+
+import (
+	"errors"
+	"fmt"
+	"os"
+
+	"github.com/G5/oauth2"
+)
+
+// Variables to communicate with the auth server and request credentials. Not
+// all are required. Use InitializeFromEnvironment to automatically set these
+// from G5-standard environment variable names.
+var (
+	Endpoint     = "auth.g5search.com"
+	ClientID     string
+	ClientSecret string
+)
+
+// InitializeFromEnvironment sets package-level configuration via G5-standard
+// environment variable names.
+func InitializeFromEnvironment() error {
+	ClientID = os.Getenv("G5_AUTH_CLIENT_ID")
+	ClientSecret = os.Getenv("G5_AUTH_CLIENT_SECRET")
+
+	if e := os.Getenv("G5_AUTH_ENDPOINT"); e != "" {
+		Endpoint = e
+	}
+
+	if ClientID == "" {
+		return errors.New("missing G5Auth ClientID")
+	}
+
+	if ClientSecret == "" {
+		return errors.New("missing G5Auth ClientSecret")
+	}
+
+	if Endpoint == "" {
+		return errors.New("missing G5Auth Endpoint")
+	}
+
+	return nil
+}
+
+// NewStandaloneConfig creates a config using the weird redirect string that is
+// peculiar to oauth2, which G5 Auth respects. Useful when you are making
+// server-to-server requests using a service account.
+func NewStandaloneConfig() *oauth2.Config {
+	return NewConfigForRedirectURL("urn:ietf:wg:oauth:2.0:oob")
+}
+
+// NewConfigForRedirectURL builds a config for the passed-in redirect URL.
+func NewConfigForRedirectURL(url string) *oauth2.Config {
+	return &oauth2.Config{
+		ClientID:     ClientID,
+		ClientSecret: ClientSecret,
+		RedirectURL:  url,
+		Endpoint:     NewDefaultEndpoint(),
+	}
+}
+
+// NewDefaultEndpoint creates an endpoint using the package-level endpoint with
+// URLs configured for G5Auth.
+func NewDefaultEndpoint() oauth2.Endpoint {
+	return oauth2.Endpoint{
+		AuthURL:  fmt.Sprintf("https://%s/oauth/authorize", Endpoint),
+		TokenURL: fmt.Sprintf("https://%s/oauth/token", Endpoint),
+	}
+}