OAuth & OIDC

GitHub (simple)

import "github.com/izetmolla/goauth/providers/github"

github.New("CLIENT_ID", "CLIENT_SECRET")

Callback URL: https://your-host/auth/callback/github

Google (OIDC discovery)

import "github.com/izetmolla/goauth/providers/google"

google.New("CLIENT_ID", "CLIENT_SECRET")

Discovers authorization, token, and userinfo endpoints from Google's issuer.

Generic OAuth 2.0

import "github.com/izetmolla/goauth/providers/oauth"

oauth.New(oauth.Options{
    ID:   "discord",
    Name: "Discord",
    ClientID: id, ClientSecret: secret,
    AuthorizationURL: "https://discord.com/api/oauth2/authorize",
    TokenURL:         "https://discord.com/api/oauth2/token",
    UserInfoURL:      "https://discord.com/api/users/@me",
    Scopes:           []string{"identify", "email"},
    Profile: func(p goauth.Profile, _ goauth.TokenSet) (*goauth.User, error) {
        return &goauth.User{
            ID:    fmt.Sprint(p["id"]),
            Email: fmt.Sprint(p["email"]),
        }, nil
    },
})

Generic OIDC

import "github.com/izetmolla/goauth/providers/oidc"

oidc.New(oidc.Options{
    ID:     "keycloak",
    Issuer: "https://id.example.com/realms/myrealm",
    ClientID: id, ClientSecret: secret,
    Profile: mapProfile,
})

Security checks

OAuth providers support Auth.js checks:

Check	Purpose
`pkce`	Proof Key for Code Exchange
`state`	CSRF on redirect
`nonce`	OIDC ID token validation

Configured via Checks: []goauth.Check{goauth.CheckPKCE, goauth.CheckState} on oauth.Options / oidc.Options.

Advanced: custom scopes + ResolveUser

See ResolveUser for persisting provider tokens and profile fields after OAuth.

GitHub (simple)​

Google (OIDC discovery)​

Generic OAuth 2.0​

Generic OIDC​

Security checks​

Advanced: custom scopes + ResolveUser​