https://github.com/imrenagi/go-oauth2-cli
Example Code for doing oauth2 flow by using cli/terminal
https://github.com/imrenagi/go-oauth2-cli
cli oauth2 oauth2-client
Last synced: 6 months ago
JSON representation
Example Code for doing oauth2 flow by using cli/terminal
- Host: GitHub
- URL: https://github.com/imrenagi/go-oauth2-cli
- Owner: imrenagi
- Created: 2020-07-18T23:17:06.000Z (almost 6 years ago)
- Default Branch: master
- Last Pushed: 2020-07-19T05:04:40.000Z (almost 6 years ago)
- Last Synced: 2024-06-20T02:53:47.995Z (about 2 years ago)
- Topics: cli, oauth2, oauth2-client
- Language: Go
- Homepage:
- Size: 7.21 MB
- Stars: 13
- Watchers: 2
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
GO-SSO-CLI
===
You ever used tools which requires you to do login or authentication via termimnal like `gcloud auth login` or `argocd login` and wondering how to do oauth2 flow in cli or terminal? Here you go. I try to create a simple demo to demonstrate how Ouath2 can be done in terminal.
# Getting Started
This is a sample of ouath client. Thus, you gonna need to have oauth2 server up and running prior running using this example. There are options available:
1. Use [dexidp/dex](https://github.com/dexidp/dex) as the oauth2 server. Simply run the dex server.
1. Use google, github or any others oauth2 provider.
## Testing Against Dex Server
This client sample use `example-app` oauth2 client id and secret registered on the dex server. Thus, you can run it by using:
```
$ make build.binaries
$ ./authcli login --sso
```
## Testing Against Google or any other providers
Please create ouath2 client id and secret for any oauth2 provider you chose. You can use `http://127.0.0.1:8085/callback` as the redirectURL callback or override the value by using `--redirect-uri` flags.
If you want to use google, you can do something like
```
$ ./authcli login --sso --client-id [CLIENT_ID] --client-secret [CLIENT_SECRET] --issuer https://accounts.google.com
```
# Security Warning
If you handle the ouath2 provider callback and exchange the oauth code with access and refresh token on the client, you might need to put the oauth client secret somewhere or directly compiled it on the binary. At this point I'm not sure whether hard coding the app secret on the binary is safe or not. So do it on your own risk. If you think that is safe enough, please let me know.