GitHub-Mirror/auth2
2
0
Fork 0
mirror of https://github.com/Fishwaldo/auth2.git synced 2025-06-03 12:21:22 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
auth2/docs
History
Exact
Justin Hammond 2ee1164dee
Some checks failed
CodeQL Analysis / Analyze (push) Has been cancelled
Details
Go Tests / Run Tests (push) Has been cancelled
Details
Go Tests / Security Scan (push) Has been cancelled
Details
Implement Phase 2.4: OAuth2 Authentication Framework 
This commit implements a comprehensive OAuth2 authentication framework that provides:

**Core Components:**
- Generic OAuth2 provider with authorization code and direct token flows
- Comprehensive configuration system with pre-configured provider settings
- State manager for CSRF protection with secure parameter handling
- Token manager for secure storage, refresh detection, and expiration tracking
- Flow handler for authorization URLs, code exchange, and user info retrieval

**Security Features:**
- CSRF protection via cryptographically secure state parameters
- Automatic token refresh with configurable thresholds
- One-time use state parameter validation
- Secure token and user profile storage using StateStore interface
- Proper error handling without exposing sensitive information

**Pre-configured Providers:**
- Google OAuth2 with OpenID Connect support
- GitHub OAuth2 with user profile mapping
- Microsoft OAuth2 with Graph API integration
- Facebook OAuth2 with profile picture handling

**Developer Experience:**
- Factory pattern for easy provider instantiation
- Quick helper functions: QuickGoogle(), QuickGitHub(), QuickMicrosoft(), QuickFacebook()
- Flexible configuration supporting maps, structs, and tagged configurations
- Extensible profile mapping system for custom providers
- Comprehensive error types with descriptive messages

**Testing & Documentation:**
- 72.8% test coverage with comprehensive unit tests
- Mock-based testing for all major components
- Detailed README with usage examples and security considerations
- Table-driven tests covering success and failure scenarios

**Files Added:**
- pkg/auth/providers/oauth2/provider.go - Main OAuth2 provider implementation
- pkg/auth/providers/oauth2/config.go - Configuration and provider presets
- pkg/auth/providers/oauth2/flow.go - OAuth2 flow handlers
- pkg/auth/providers/oauth2/state.go - CSRF state parameter management
- pkg/auth/providers/oauth2/token.go - Token storage and management
- pkg/auth/providers/oauth2/profile.go - User profile mapping utilities
- pkg/auth/providers/oauth2/factory.go - Provider factory with quick helpers
- pkg/auth/providers/oauth2/types.go - OAuth2 type definitions
- pkg/auth/providers/oauth2/errors.go - OAuth2-specific errors
- pkg/auth/providers/oauth2/README.md - Comprehensive documentation
- Complete test suite for all components

This implementation provides the foundation for Phase 2.5 OAuth2 provider implementations
while maintaining the plugin architecture principles and security best practices.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-05-27 22:53:55 +08:00
..
DESIGN.md Implement plugin system architecture and black box tests 2025-05-20 22:34:49 +08:00
PROJECT_PLAN.md Implement Phase 2.4: OAuth2 Authentication Framework 2025-05-27 22:53:55 +08:00
README.md Initial commit: Project setup phase 1.1 2025-05-20 22:09:10 +08:00

README.md

Auth2 Documentation

Welcome to the Auth2 documentation. This guide will help you understand how to use and extend the Auth2 authentication library.

Table of Contents

  1. Getting Started

    • Installation
    • Basic Setup
    • Configuration Options

  2. Core Concepts

    • Architecture Overview
    • Authentication Flow
    • Session Management

  3. Authentication Methods

  4. Multi-Factor Authentication

  5. Storage Adapters

  6. HTTP Framework Integration

  7. Role-Based Access Control

  8. Security Features

  9. Examples

  10. API Reference

  11. Advanced Usage

  12. Contributing

    • Development Guidelines
    • Testing
    • Pull Request Process