Commit df36e5ae9d4b999bea9a90209b2a256bbb724fcc

Parents: db08971f7466954ed33eb05cb7c84ce19ff556de

From: Moritz Poldrack <git@moritz.sh>
Date: Sun Jan 28 00:09:42 2024 +0700

doc: add some additional documentation

		

Stats

app-password.go +8/-6
doc.go +12/-0
token.go +1/-0

Changeset

diff --git a/app-password.go b/app-password.go
index 34a1ad5d8aebca3d7caab580f34be0112d216833..ea7b47883b09516eaa4fc8f2a63dc3d96f2fb9e0 100644
--- a/app-password.go
+++ b/app-password.go
@@ -12,16 +12,18 @@
 	"golang.org/x/oauth2"
 )
 
-func (c *Configuration) UseAppPassword(username, password string) (*Token, error) {
+// UseAppPassword returns a token using the app password flow. This is less
+// secure and should be generally avoided.
+func (cfg *Configuration) UseAppPassword(username, password string) (*Token, error) {
 	data := url.Values{}
 	data.Set("grant_type", "password")
-	data.Set("client_id", c.oauthCfg.ClientID)
-	data.Set("client_secret", c.oauthCfg.ClientSecret)
+	data.Set("client_id", cfg.oauthCfg.ClientID)
+	data.Set("client_secret", cfg.oauthCfg.ClientSecret)
 	data.Set("username", username)
 	data.Set("password", password)
-	data.Set("scope", strings.Join(c.oauthCfg.Scopes, " "))
+	data.Set("scope", strings.Join(cfg.oauthCfg.Scopes, " "))
 
-	req, err := http.NewRequest("POST", c.oauthCfg.Endpoint.TokenURL, strings.NewReader(data.Encode()))
+	req, err := http.NewRequest("POST", cfg.oauthCfg.Endpoint.TokenURL, strings.NewReader(data.Encode()))
 	if err != nil {
 		return nil, fmt.Errorf("failed to build request: %w", err)
 	}
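Review bot: The new comment on `UseAppPassword` calls the flow "less secure" without saying why or what to use instead, which is what a caller deciding on this function needs to know. The body sends `grant_type=password` with the user's password and the client secret to `cfg.oauthCfg.Endpoint.TokenURL`, so the application handles the user's credential directly. I would state that, e.g. `// UseAppPassword obtains a token with the OAuth 2.0 password grant: the caller handles the user's password, which is sent together with the client secret to the token endpoint.` and then `// Prefer a redirect-based flow where the provider offers one.` Nothing visible in this hunk checks that the token URL uses https; if that is not enforced where the configuration is built, it deserves a check or a documented requirement here. The function body continues outside the hunk.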
@@ -55,7 +57,7 @@ 		Expiry:      time.Now().Add(time.Duration(exp) * time.Second),
 	}
 	OA2Token = OA2Token.WithExtra(tok)
 
-	t := c.newToken(OA2Token)
+	t := cfg.newToken(OA2Token)
 
 	return t, nil
 }
diff --git a/doc.go b/doc.go
new file mode 100644
index 0000000000000000000000000000000000000000..bad4f57cbc80313ccefd8eeff00c84c3d8e3cccd
--- /dev/null
+++ b/doc.go
@@ -0,0 +1,12 @@
+// Package oidc is a simple OpenID Connect client library for Go. Its goal is
+// to make OIDC based authentication as easy as it should be. Give it the
+// application URL, provide credentials, done.
+//
+// Why should this exist? Honestly, it shouldn't. I don't know if I missed the
+// other 200 libraries out there that already solve this issue, or if I am
+// really the first person to think of it.
+//
+// There are also examples available, even if pkg.go.dev decides not to show
+// them. Just check the sourcecode for simple examples on how to use the
+// various functions.
+package oidc
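Review bot: The package comment describes how convenient the library is but not its security contract: it does not say which checks are applied to the tokens it returns (signature, issuer, audience, expiry) and which are left to the caller. For an authentication client that is the first thing a reader of the package page needs, and a short paragraph after the first one would cover it. The second paragraph is commentary about the project rather than documentation of the package, and `sourcecode` should read `source code`.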
diff --git a/token.go b/token.go
index 457d50b7f777f201cee654f419b981b7222f155d..f83a8bec54ad54a95b888eab290918162915ddd8 100644
--- a/token.go
+++ b/token.go
@@ -132,6 +132,7 @@ func (t *Token) Token() (*oauth2.Token, error) {
 	return t.source.Token()
 }
 
+// Valid returns true if the token is still valid
 func (t *Token) Valid() bool {
 	exp := t.Expiration()
 	return exp.After(time.Now())
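Review bot: The added comment on `Valid` promises more than the visible code does: the method only compares `t.Expiration()` with `time.Now()`, so "still valid" here means "not yet expired", not that the signature or claims were checked or that the token has not been revoked. I would word it as `// Valid reports whether the token's expiration time is in the future.` plus `// It does not verify the token's signature or claims.` so callers do not treat it as an authorization check. What `Expiration()` returns for a token without an expiry is not visible here; if that is the zero time, the method reports false, which is worth stating too. The function's closing brace is outside the hunk.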