github.com/blend/go-sdk@v1.20220411.3/oauth/config.go (about) 1 /* 2 3 Copyright (c) 2022 - Present. Blend Labs, Inc. All rights reserved 4 Use of this source code is governed by a MIT license that can be found in the LICENSE file. 5 6 */ 7 8 package oauth 9 10 import ( 11 "context" 12 "encoding/base64" 13 14 "github.com/blend/go-sdk/env" 15 ) 16 17 // Config is the config options. 18 type Config struct { 19 // Secret is an encryption key used to verify oauth state. 20 Secret string `json:"secret,omitempty" yaml:"secret,omitempty" env:"OAUTH_SECRET"` 21 // RedirectURI is the oauth return url. 22 RedirectURI string `json:"redirectURI,omitempty" yaml:"redirectURI,omitempty" env:"OAUTH_REDIRECT_URI"` 23 // HostedDomain is a specific domain we want to filter identities to. 24 HostedDomain string `json:"hostedDomain,omitempty" yaml:"hostedDomain,omitempty" env:"OAUTH_HOSTED_DOMAIN"` 25 // AllowedDomains is a strict list of hosted domains to allow authenticated users from. 26 // If it is unset or empty, it will allow users from *any* hosted domain. 27 AllowedDomains []string `json:"allowedDomains,omitempty" yaml:"allowedDomains,omitempty"` 28 // Scopes are oauth scopes to request. 29 Scopes []string `json:"scopes,omitempty" yaml:"scopes,omitempty"` 30 // ClientID is part of the oauth credential pair. 31 ClientID string `json:"clientID,omitempty" yaml:"clientID,omitempty" env:"OAUTH_CLIENT_ID"` 32 // ClientSecret is part of the oauth credential pair. 33 ClientSecret string `json:"clientSecret,omitempty" yaml:"clientSecret,omitempty" env:"OAUTH_CLIENT_SECRET"` 34 } 35 36 // IsZero returns if the config is set or not. 37 func (c Config) IsZero() bool { 38 return len(c.ClientID) == 0 || len(c.ClientSecret) == 0 39 } 40 41 // Resolve adds extra steps to perform during `configutil.Read(...)`. 42 func (c *Config) Resolve(ctx context.Context) error { 43 return env.GetVars(ctx).ReadInto(c) 44 } 45 46 // DecodeSecret decodes the secret if set from base64 encoding. 47 func (c Config) DecodeSecret() ([]byte, error) { 48 if len(c.Secret) > 0 { 49 decoded, err := base64.StdEncoding.DecodeString(c.Secret) 50 if err != nil { 51 return nil, err 52 } 53 return decoded, nil 54 } 55 return nil, nil 56 } 57 58 // ScopesOrDefault gets oauth scopes to authenticate with or a default set of scopes. 59 func (c Config) ScopesOrDefault() []string { 60 if len(c.Scopes) > 0 { 61 return c.Scopes 62 } 63 return DefaultScopes 64 }