NewAuth0 ...

NewAuthMux constructs a Mux handler that checks a cookie against the authenticator.

NewCodeExchange ...

NewCookieJWT creates an Authenticator that uses cookies for auth.

NewJWT creates a new JWT using time.Now secret is used for signing and validating signatures (HS256/HMAC) jwksurl is used for validating RS256 signatures.

DefaultCookieName is the name of the stored cookie.

HerokuAccountRoute is required for interacting with Heroku API.

TenMinutes is the default length of time to get a response back from the OAuth provider.

DefaultNowTime returns UTC time at the present moment.

ErrAuthentication means that oauth2 exchange failed.

ErrOrgMembership means that the user is not in the OAuth2 filtered group.

GoogleEndpoint is Google's OAuth 2.0 endpoint.

PrincipalKey is used to pass principal via context.Context to request-scoped functions.

Auth0 ...

AuthMux services an Oauth2 interaction with a provider and browser and stores the resultant token in the user's browser as a cookie.

Claims extends jwt.StandardClaims' Valid to make sure claims has a subject.

CodeExchangeCSRF prevents CSRF attacks during retrieval of OAuth token by using a signed random state in the exchange with authorization server.

CodeExchangePKCE extends CodeExchangeCSRF and adds OAuth2 PKCE to protect against interception attacks.

Generic provides OAuth Login and Callback server and is modeled after the Github OAuth2 provider.

Github provides OAuth Login and Callback server.

Google is an oauth2 provider supporting google.

Heroku is an OAuth2 Provider allowing users to authenticate with Heroku to gain access to CloudHub.

JWK defines a JSON Web KEy nested struct.

JWKS defines a JKW[].

JWT represents a javascript web token that can be validated or marshaled into string.

Principal is any entity that can be authenticated.

UserEmail represents user's email address.

WrappedUserEmails represents (bitbucket's) structure that wraps email addresses in a values field.

Authenticator represents a service for authenticating users.

CodeExchange helps to ensure secure exchange of the authorization code for token.

ExtendedProvider extendts the base Provider interface with optional methods.

Mux is a collection of handlers responsible for servicing an Oauth2 interaction between a browser and a provider.

Provider are the common parameters for all providers (RFC 6749).

Tokenizer substitutes a sensitive data element (Principal) with a non-sensitive equivalent, referred to as a token, that has no extrinsic or exploitable meaning or value.

Token represents a time-dependent reference (i.e.