https://github.com/danthegoodman1/continuewith

Become an OAuth2 provider with any auth backend
https://github.com/danthegoodman1/continuewith

authentication authorization go golang

Last synced: 8 months ago
JSON representation

Become an OAuth2 provider with any auth backend

• Host: GitHub
• URL: https://github.com/danthegoodman1/continuewith
• Owner: danthegoodman1
• Created: 2023-09-16T21:53:03.000Z (over 2 years ago)
• Default Branch: main
• Last Pushed: 2023-10-09T00:41:16.000Z (over 2 years ago)
• Last Synced: 2025-06-01T12:59:49.447Z (8 months ago)
• Topics: authentication, authorization, go, golang
• Language: Go
• Homepage:
• Size: 14.2 MB
• Stars: 4
• Watchers: 2
• Forks: 0
• Open Issues: 1
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# ContinueWith

## TODO

- some endpoint assumed the browser was hitting us directly, this is probably an issue for integration so I started making things posts, but we probably need to decide whether the user has to implement the routes and forward info, or we proxy the consent UI through us.

Become an OAuth2 provider with any auth backend.

ContinueWith is a service that proxies the OAuth2 flow between your backend and clients (apps that want to use you as an oauth provider). It handles:

1. Registering clients

2. All authorization flows (client credentials, authorization code, device code)

3. Refresh and access token management

4. Scope management

For example, maybe you use Firebase, Supabase, or Clerk for manage your users and want to allow other sites to login users and access resources from your platform. ContinueWith manages this oauth flow on top of your existing auth system.

Notion does this: They allow their users to log in with social providers like Google, and also allow other platforms to log in their users with Notion and access things like pages and databases through the Notion API.

* [ContinueWith](#continuewith)

  * [All you need to do:](#all-you-need-to-do)

  * [Examples](#examples)

  * [User API](#user-api)

  * [Admin API](#admin-api)

  * [Client Credentials tokens](#client-credentials-tokens)

## All you need to do:

1. Make a pretty OAuth consent screen that matches your awesome site (we have a stellar guide to help you crush it quickly)

2. Make an API endpoint that we can forward your bearer token or session to when your users give consent, and you give us some user info (you hit this from your consent screen)

3. Define your scopes

4. Add any auth middleware you need to check the access token against ContinueWith and get back user info, scopes, etc. (you just hit our API endpoint to get a userid back from the access token)

## Examples

See the [example](example) provider and client to get a feel for what the behavior looks like, and how easy it is to implement as a provider.

## User API

The user api is the endpoint that clients use to handle the oauth2 flow with you. It looks roughly like this:

(insert flow chart)

## Admin API

The admin api allows you to check access tokens, manage clients, scopes, and more.

## Client Credentials tokens

Normal access tokens have the prefix `a_`. Client credential access tokens are a bit different: They have the prefix `ca_`, and they resolve to the user UserID `_client`.