{"id":16885128,"url":"https://github.com/ericchiang/oidc","last_synced_at":"2025-07-21T00:35:02.940Z","repository":{"id":57493472,"uuid":"53028082","full_name":"ericchiang/oidc","owner":"ericchiang","description":"OpenID Connect support for golang.org/x/oauth2","archived":false,"fork":false,"pushed_at":"2016-09-08T14:33:38.000Z","size":55,"stargazers_count":13,"open_issues_count":3,"forks_count":2,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-04-11T12:54:16.312Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ericchiang.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-03-03T06:50:28.000Z","updated_at":"2019-11-13T12:28:25.000Z","dependencies_parsed_at":"2022-08-28T13:53:28.974Z","dependency_job_id":null,"html_url":"https://github.com/ericchiang/oidc","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ericchiang/oidc","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericchiang%2Foidc","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericchiang%2Foidc/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericchiang%2Foidc/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericchiang%2Foidc/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ericchiang","download_url":"https://codeload.github.com/ericchiang/oidc/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericchiang%2Foidc/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266221466,"owners_count":23894966,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-13T16:33:27.449Z","updated_at":"2025-07-21T00:35:02.922Z","avatar_url":"https://github.com/ericchiang.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# OpenID Connect client support for Go\n\n[![GoDoc](https://godoc.org/github.com/ericchiang/oidc?status.svg)](https://godoc.org/github.com/ericchiang/oidc)\n\nThis package implements OpenID Connect client logic for the golang.org/x/oauth2 package.\n\n```go\nprovider, err := oidc.NewProvider(ctx, \"https://accounts.example.com\")\nif err != nil {\n\treturn err\n}\n\n// Configure an OpenID Connect aware OAuth2 client.\noauth2Config := oauth2.Config{\n\tClientID:     clientID,\n\tClientSecret: clientSecret,\n\tRedirectURL:  redirectURL,\n\tEndpoint:     provider.Endpoint(),\n\tScopes:       []string{oidc.ScopeOpenID, \"profile\", \"email\"},\n}\n```\n\nOAuth2 redirects are unchanged.\n\n```go\nfunc handleRedirect(w http.ResponseWriter, r *http.Request) {\n\thttp.Redirect(w, r, oauth2Config.AuthCodeURL(state), http.StatusFound)\n})\n```\n\nFor callbacks the provider can be used to query for [user information](https://openid.net/specs/openid-connect-core-1_0.html#UserInfo) such as email.\n\n```go\nfunc handleOAuth2Callback(w http.ResponseWriter, r *http.Request) {\n\t// Verify state...\n\n\toauth2Token, err := oauth2Config.Exchange(ctx, r.URL.Query().Get(\"code\"))\n\tif err != nil {\n\t\thttp.Error(w, \"Failed to exchange token: \"+err.Error(), http.StatusInternalServerError)\n\t\treturn\n\t}\n\n\tuserinfo, err := provider.UserInfo(ctx, oauth2.StaticTokenSource(oauth2Token))\n\tif err != nil {\n\t\thttp.Error(w, \"Failed to get userinfo: \"+err.Error(), http.StatusInternalServerError)\n\t\treturn\n\t}\n\n\t// ...\n})\n```\n\nOr the provider can be used to verify and inspect the OpenID Connect\n[ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken) in the\n[token response](https://openid.net/specs/openid-connect-core-1_0.html#TokenResponse).\n\n```go\nverifier := provider.NewVerifier(ctx)\n```\n\nThe verifier itself can be constructed with addition checks, such as verifing a\ntoken was issued for a specific client or hasn't expired.\n\n```go\nverifier := provier.NewVerifier(ctx, oidc.VerifyAudience(clientID), oidc.VerifyExpiry())\n```\n\nThe returned verifier can be used to ensure the ID Token (a JWT) is signed by the provider. \n\n```go\nfunc handleOAuth2Callback(w http.ResponseWriter, r *http.Request) {\n\t// Verify state...\n\n\toauth2Token, err := oauth2Config.Exchange(ctx, r.URL.Query().Get(\"code\"))\n\tif err != nil {\n\t\thttp.Error(w, \"Failed to exchange token: \"+err.Error(), http.StatusInternalServerError)\n\t\treturn\n\t}\n\n\t// Extract the ID Token from oauth2 token.\n\trawIDToken, ok := oauth2Token.Extra(\"id_token\").(string)\n\tif !ok {\n\t\thttp.Error(w, \"No ID Token found\", http.StatusInternalServerError)\n\t\treturn\n\t}\n\n\t// Verify that the ID Token is signed by the provider.\n\tidToken, err := verifier.Verify(rawIDToken)\n\tif err != nil {\n\t\thttp.Error(w, \"Failed to verify ID Token: \"+err.Error(), http.StatusInternalServerError)\n\t\treturn\n\t}\n\n\t// Unmarshal ID Token for expected custom claims.\n\tvar claims struct {\n\t\tEmail         string `json:\"email\"`\n\t\tEmailVerified bool   `json:\"email_verified\"`\n\t}\n\tif err := idToken.Claims(\u0026claims); err != nil {\n\t\thttp.Error(w, \"Failed to unmarshal ID Token claims: \"+err.Error(), http.StatusInternalServerError)\n\t\treturn\n\t}\n\n\t// ...\n})\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fericchiang%2Foidc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fericchiang%2Foidc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fericchiang%2Foidc/lists"}