Skip to content

jiachengzhang1/Umbrella.jl

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

40 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Umbrella

Umbrella is a simple Julia authentication plugin, it supports Google and GitHub OAuth2 with more to come. Umbrella integrates with Julia web framework such as Genie.jl, Oxygen.jl or Mux.jl effortlessly.

Prerequisite

Before using the plugin, you need to obtain OAuth 2 credentials, see Google Identity Step 1, GitHub: Creating an OAuth App for details.

Installation

pkg> add Umbrella

Basic Usage

Many resources are available describing how OAuth 2 works, please advice OAuth 2.0, Google Identity, or GitHub OAuth 2 for details

Follow the steps below to enable OAuth 2 in your application.

1. Configuration

OAuth 2 required parameters such as client_id, client_secret and redirect_uri need to be configured through Configuration.Options.

scopes is a list of resources the application will access on user's behalf, it is vary from one provider to another.

providerOptions configures the additional parameters at the redirection step, it is dependent on the provider.

const options = Configuration.Options(;
    client_id = "", # client id from an OAuth 2 provider
    client_secret = "", # secret from an OAuth 2 provider
    redirect_uri = "http://localhost:3000/oauth2/google/callback",
    success_redirect = "/protected",
    failure_redirect = "/error",
    scopes = ["profile", "openid", "email"],
    providerOptions = GoogleOptions(access_type="online")
)

init function takes the provider and options, then returns an OAuth 2 instance. Available provider values are :google, :github and facebook. This list is growing as more providers are supported.

oauth2_instance = init(:google, options)

The examples will use Oxygen.jl as the web framework, but the concept is the same for other web frameworks.

2. Handle provider redirection

Create two endpoints,

  • / serve the login page which, in this case, is a Google OAuth 2 link.
  • /oauth2/google handles redirections to an OAuth 2 server.
@get "/" function ()
  return "<a href='/oauth2/google'>Authenticate with Google</a>"
end

@get "/oauth2/google" function ()
  oauth2_instance.redirect()
end

redirect function generates the URL using the parameters in step 1, and redirects users to provider's OAuth 2 server to initiate the authentication and authorization process.

Once the users consent to grant access to one or more scopes requested by the application, OAuth 2 server responds the code for retrieving access token to a callback endpoint.

3. Retrieves tokens

Finally, create the endpoint handling callback from the OAuth 2 server. The path must be identical to the path in redirect_uri from Configuration.Options.

token_exchange function performs two actions,

  1. Use code responded by the OAuth 2 server to exchange an access token.
  2. Get user profile using the access token.

A handler is required for access/refresh tokens and user profile handling.

@get "/oauth2/google/callback" function (req)
  query_params = queryparams(req)
  code = query_params["code"]

  oauth2_instance.token_exchange(code, function (tokens, user)
      # handle tokens and user profile here
    end
  )
end

About

A Simple Authentication plugin for any Web Frameworks in Julia

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages