@ -8,6 +8,10 @@ protocol providers, as long as they implement the `Provider` and `Session` inter
This package was inspired by [https://github.com/intridea/omniauth](https://github.com/intridea/omniauth).
## Goth Needs a New Maintainer
[https://blog.gobuffalo.io/goth-needs-a-new-maintainer-626cd47ca37b](https://blog.gobuffalo.io/goth-needs-a-new-maintainer-626cd47ca37b) - TL;DR: I, @markbates, won't be responding to any more issues, PRs, etc... for this package. A new maintainer needs to be found ASAP. Is this you?
## Installation
```text
@ -18,6 +22,8 @@ $ go get github.com/markbates/goth
* Amazon
* Auth0
* Azure AD
* Battle.net
* Bitbucket
* Box
* Cloud Foundry
@ -26,6 +32,7 @@ $ go get github.com/markbates/goth
* Digital Ocean
* Discord
* Dropbox
* Eve Online
* Facebook
* Fitbit
* GitHub
@ -38,6 +45,7 @@ $ go get github.com/markbates/goth
* Lastfm
* Linkedin
* Meetup
* MicrosoftOnline
* OneDrive
* OpenID Connect (auto discovery)
* Paypal
@ -50,7 +58,9 @@ $ go get github.com/markbates/goth
* Twitch
* Twitter
* Uber
* VK
* Wepay
* Xero
* Yahoo
* Yammer
@ -71,17 +81,51 @@ $ go get github.com/markbates/goth
```text
$ cd goth/examples
$ go get -v
$ go build
$ go build
$ ./examples
```
Now open up your browser and go to [http://localhost:3000](http://localhost:3000) to see the example.
To actually use the different providers, please make sure you configure them given the system environments as defined in the examples/main.go file
To actually use the different providers, please make sure you set environment variables. Example given in the examples/main.go file
## Security Notes
By default, gothic uses a `CookieStore` from the `gorilla/sessions` package to store session data.
As configured, this default store (`gothic.Store`) will generate cookies with `Options`:
```go
&Options{
Path: "/",
Domain: "",
MaxAge: 86400 * 30,
HttpOnly: true,
Secure: false,
}
```
To tailor these fields for your application, you can override the `gothic.Store` variable at startup.
The follow snippet show one way to do this:
```go
key := "" // Replace with your SESSION_SECRET or similar
maxAge := 86400 * 30 // 30 days
isProd := false // Set to true when serving over https
store := sessions.NewCookieStore([]byte(key))
store.MaxAge(maxAge)
store.Options.Path = "/"
store.Options.HttpOnly = true // HttpOnly should always be enabled
store.Options.Secure = isProd
gothic.Store = store
```
## Issues
Issues always stand a significantly better chance of getting fixed if the are accompanied by a
Issues always stand a significantly better chance of getting fixed if they are accompanied by a
pull request.
## Contributing
@ -94,50 +138,3 @@ Would I love to see more providers? Certainly! Would you love to contribute one?
4. Commit your changes (git commit -am 'Add some feature')
5. Push to the branch (git push origin my-new-feature)
fmt.Println("goth/gothic: no SESSION_SECRET environment variable is set. The default cookie store is not available and any calls will fail. Ignore this warning if you are using a different store.")
}
@ -130,7 +151,7 @@ as either "provider" or ":provider".
Seehttps://github.com/markbates/goth/examples/main.go to see this in action.
fmt.Println("goth/gothic: no SESSION_SECRET environment variable is set. The default cookie store is not available and any calls will fail. Ignore this warning if you are using a different store.")
// loop over the used providers, if we already have a valid session for any provider (ie. user is already logged-in with a provider), then return that provider name
for_,provider:=rangeproviders{
p:=provider.Name()
session,_:=Store.Get(req,p+SessionName)
value:=session.Values[p]
if_,ok:=value.(string);ok{
returnp,nil
}
}
ifprovider==""{
provider=req.URL.Query().Get(":provider")
// try to get it from the url param "provider"
ifp:=req.URL.Query().Get("provider");p!=""{
returnp,nil
}
ifprovider==""{
returnprovider,errors.New("you must select a provider")
// try to get it from the url param ":provider"
ifp:=req.URL.Query().Get(":provider");p!=""{
returnp,nil
}
// try to get it from the context's value of "provider" key
ifp,ok:=mux.Vars(req)["provider"];ok{
returnp,nil
}
returnprovider,nil
// try to get it from the go-context's value of "provider" key