OAuth2 is an open authorization standard designed to allow resource owners to give clients delegated access to private data (such as wall posts or tweets) via an access token exchange handshake. Even if you do not wish to access the private data, OAuth2 is a great option that allows people to sign in using their existing credentials, without exposing those credentials to a third-party site. In this case, we are the third party, and we want to allow our users to sign in using services that support OAuth2.
From a user's point of view, the OAuth2 flow is as follows:
To avoid reinventing the wheel, we will look at a few open source projects that have already solved this problem for us.
Andrew Gerrand has been working on the core Go team since February 2010, that is, two years before Go 1.0 was officially released. His goauth2
package (see https://github.com/golang/oauth2) is an elegant implementation of the OAuth2 protocol written entirely in Go.
Andrew's project inspired gomniauth
(see https://github.com/stretchr/gomniauth). An open source Go alternative to Ruby's omniauth
project, gomniauth
provides a unified solution to access different OAuth2 services. In the future, when OAuth3 (or whatever the next-generation authorization protocol will be) comes out, in theory gomniauth
could take on the pain of implementing the details, leaving the user code untouched.
For our application, we will use gomniauth
to access OAuth services provided by Google, Facebook, and GitHub, so make sure you have it installed by running the following command:
go get github.com/stretchr/gomniauth
Some of the project dependencies of gomniauth
are kept in Bazaar repositories, so you'll need to head over to http://wiki.bazaar.canonical.com to download them.
18.218.239.182