proxy.golang.org : github.com/StalkR/openid
Package openid implements OpenID Connect authentication. The package uses the ID Token flow, as it conveniently stores the user email in the claims, so no further exchange requests are required. A temporary nonce cookie (__Host-AuthNonce) is established at the beginning and verified at the end of the flow, protecting against login CSRF. As the ID token is returned to the redirect URI in the fragment, a small JavaScript is responsible for sending it to the server via POST. The ID token is then verified and stored in a cookie (__Host-AuthToken) with an expiration of 1 year. On future requests, the ID token is obtained and verified from the cookie, and the user email can be extracted. Since the ID token expiration is typically only 1h, expiry is only verified during authentication and not in subsequent requests. The user email must be verified at the provider. To use it: 1) Choose an identity provider, e.g. Google 2) Register an OAuth application at the provider 3) Use the package
Registry
-
Source
- Documentation
- JSON
purl: pkg:golang/github.com/%21stalk%21r/openid
License: Apache-2.0
Latest release: 6 months ago
First release: over 5 years ago
Namespace: github.com/StalkR
Stars: 2 on GitHub
Forks: 1 on GitHub
See more repository details: repos.ecosyste.ms
Last synced: 25 days ago