github.com/blend/go-sdk@v1.20220411.3/oauth/config.go (about)

     1  /*
     2  
     3  Copyright (c) 2022 - Present. Blend Labs, Inc. All rights reserved
     4  Use of this source code is governed by a MIT license that can be found in the LICENSE file.
     5  
     6  */
     7  
     8  package oauth
     9  
    10  import (
    11  	"context"
    12  	"encoding/base64"
    13  
    14  	"github.com/blend/go-sdk/env"
    15  )
    16  
    17  // Config is the config options.
    18  type Config struct {
    19  	// Secret is an encryption key used to verify oauth state.
    20  	Secret string `json:"secret,omitempty" yaml:"secret,omitempty" env:"OAUTH_SECRET"`
    21  	// RedirectURI is the oauth return url.
    22  	RedirectURI string `json:"redirectURI,omitempty" yaml:"redirectURI,omitempty" env:"OAUTH_REDIRECT_URI"`
    23  	// HostedDomain is a specific domain we want to filter identities to.
    24  	HostedDomain string `json:"hostedDomain,omitempty" yaml:"hostedDomain,omitempty" env:"OAUTH_HOSTED_DOMAIN"`
    25  	// AllowedDomains is a strict list of hosted domains to allow authenticated users from.
    26  	// If it is unset or empty, it will allow users from *any* hosted domain.
    27  	AllowedDomains []string `json:"allowedDomains,omitempty" yaml:"allowedDomains,omitempty"`
    28  	// Scopes are oauth scopes to request.
    29  	Scopes []string `json:"scopes,omitempty" yaml:"scopes,omitempty"`
    30  	// ClientID is part of the oauth credential pair.
    31  	ClientID string `json:"clientID,omitempty" yaml:"clientID,omitempty" env:"OAUTH_CLIENT_ID"`
    32  	// ClientSecret is part of the oauth credential pair.
    33  	ClientSecret string `json:"clientSecret,omitempty" yaml:"clientSecret,omitempty" env:"OAUTH_CLIENT_SECRET"`
    34  }
    35  
    36  // IsZero returns if the config is set or not.
    37  func (c Config) IsZero() bool {
    38  	return len(c.ClientID) == 0 || len(c.ClientSecret) == 0
    39  }
    40  
    41  // Resolve adds extra steps to perform during `configutil.Read(...)`.
    42  func (c *Config) Resolve(ctx context.Context) error {
    43  	return env.GetVars(ctx).ReadInto(c)
    44  }
    45  
    46  // DecodeSecret decodes the secret if set from base64 encoding.
    47  func (c Config) DecodeSecret() ([]byte, error) {
    48  	if len(c.Secret) > 0 {
    49  		decoded, err := base64.StdEncoding.DecodeString(c.Secret)
    50  		if err != nil {
    51  			return nil, err
    52  		}
    53  		return decoded, nil
    54  	}
    55  	return nil, nil
    56  }
    57  
    58  // ScopesOrDefault gets oauth scopes to authenticate with or a default set of scopes.
    59  func (c Config) ScopesOrDefault() []string {
    60  	if len(c.Scopes) > 0 {
    61  		return c.Scopes
    62  	}
    63  	return DefaultScopes
    64  }