[Go] Use OpenID Connect with go-oidc

OpenID Connect

- An evolved version of OAuth2 that adds a token issuance process
- Authentication is delegated to another provider (Google in this case), so the application itself does not hold authentication information such as user passwords
- There are various providers
  - Google
  - AzureAD
  - AWS Cognito
  - Auth0
- There is a concept of state to prevent spoofing such as cross-site scripting.

Official package

https://github.com/coreos/go-oidc

Installation

git clone https://github.com/coreos/go-oidc

Set up according to the README of the example

cd go-oidc/example
yuta:~/go-oidc/example (v3=) $ cat README.md
# Examples

These are example uses of the oidc package. Each requires a Google account and the client ID and secret of a registered OAuth2 application. To create one:

1. Visit your [Google Developer Console][google-developer-console].
2. Click "Credentials" on the left column.
3. Click the "Create credentials" button followed by "OAuth client ID".
4. Select "Web application" and add "http://127.0.0.1:5556/auth/google/callback" as an authorized redirect URI.
5. Click create and add the printed client ID and secret to your environment using the following variables:

Access the Google Developer Console

https://console.developers.google.com/

Create authentication information (application)


Set


Setting environment variables

- Clicking Create generates a client ID and client secret

export GOOGLE_OAUTH2_CLIENT_ID=739786550065-g36863uform2efr5nrvvmjpj30pu9nuf.apps.googleusercontent.com
export GOOGLE_OAUTH2_CLIENT_SECRET=4sLRLGBdYu_un8C58c8Yg2yr

The example reads these environment variables from the server it runs on, using the os package

import "os"

var (
  // OAuth2 client credentials, read from the environment at startup
  clientID     = os.Getenv("GOOGLE_OAUTH2_CLIENT_ID")
  clientSecret = os.Getenv("GOOGLE_OAUTH2_CLIENT_SECRET")
)

Operation check

Start-up

yuta:~/go-oidc/example (v3=) $ go run idtoken/app.go
2021/01/17 16:13:04 listening on http://127.0.0.1:5556/

Access http://127.0.0.1:5556/


When authentication is successful

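The state value mentioned in the overview is generated before the redirect to the provider and compared again when the browser comes back to the callback URL. The following is an added example, not code from go-oidc or its example app, that shows this check with the standard library only; the cookie name `oidc_state` and the function names are assumptions.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/base64"
	"errors"
	"fmt"
	"net/http"
)

const stateCookie = "oidc_state" // assumed cookie name, not from the page

// NewState returns 128 bits from the OS CSPRNG, URL-safe encoded.
func NewState() (string, error) {
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return base64.RawURLEncoding.EncodeToString(b), nil
}

// StateCookie binds the state to this browser; set it before redirecting to the provider.
func StateCookie(state string, secure bool) *http.Cookie {
	return &http.Cookie{Name: stateCookie, Value: state, Path: "/", MaxAge: 600,
		HttpOnly: true, Secure: secure, SameSite: http.SameSiteLaxMode}
}

// CheckState runs first in the callback handler, before the code is exchanged.
func CheckState(r *http.Request) error {
	c, err := r.Cookie(stateCookie)
	if err != nil || c.Value == "" {
		return errors.New("state cookie missing")
	}
	got := r.URL.Query().Get("state")
	if subtle.ConstantTimeCompare([]byte(got), []byte(c.Value)) != 1 {
		return errors.New("state mismatch")
	}
	return nil
}

func main() { // replays a constructed callback request, not captured traffic
	state, err := NewState()
	if err != nil {
		panic(err)
	}
	req, _ := http.NewRequest("GET", "http://127.0.0.1:5556/auth/google/callback?state="+state, nil)
	req.AddCookie(StateCookie(state, false)) // Secure off only for the plain-HTTP 127.0.0.1 demo
	fmt.Println("state check error:", CheckState(req))
}
```

A callback that fails `CheckState` should be rejected with an error response before any token exchange is attempted.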
