zitadel / zitadel-go

ZITADEL Go - The official client library of ZITADEL for an easy integration into your Go project.
https://zitadel.com
Apache License 2.0

Document "magic" routes yielded by `authN` #352

Closed brianfeister closed 2 months ago

brianfeister commented 3 months ago

I'm working on setting up a Go project and bumped into this line where `authN` magically injects a few routes (presumably `/auth/callback` amongst others):

https://github.com/zitadel/zitadel-go/blob/aad6fea5e41f95579aa0e7c033b0952500ce3d4a/example/app/app.go#L70-L75

I'm using gorilla/mux as a router (notably, this is just a router and implements a handler signature that's compatible with "net/http" from your example... also other aspects of your example work without issue), so when I register this with `route.Handle("/auth/", authN)` I'm able to generally use the `mw.CheckAuthentication()` and `mw.RequireAuthentication()` methods provided via the Zitadel Go SDK `github.com/zitadel/zitadel-go/v3/pkg/authentication`, but for the auth callback, I get an error:

Not found: /auth/callback?code=<code>&state=<state>

Are these "magic" routes provided via the pattern `route.Handle("/auth/", authN)` documented somewhere so I could implement manually and/or debug?

Also, big kudos 👏 on this project, it's the first auth provider I've found that appears to have a good handle on a working and well-supported path for implementing auth in Go in a server-rendered app that's not JavaScript.

brianfeister commented 3 months ago

I'm seeing this in the next branch's `pkg/authentication/authenticate.go`:

https://github.com/zitadel/zitadel-go/blob/aad6fea5e41f95579aa0e7c033b0952500ce3d4a/pkg/authentication/authenticate.go#L160-L171

So it would seem all I need to do is get access to the `a` (`Authenticator[T]`) object to wire this up manually myself, but it would be awesome if there were a way to do this without a middleware kludge that's vulnerable to breaking when either zitadel-go or gorilla/mux are updated.

brianfeister commented 3 months ago

Also, for clarity, I know using gorilla/mux might be slightly outside "the norm" but `net/http` is lacking a lot of features for pattern-based route-matching. It would be good to have some kind of adapter pattern to handle implementations, perhaps allowing me to pass in a transform function upon bootstrapping the SDK?

brianfeister commented 3 months ago

It would be really helpful if there were docs for the zitadel-go SDK. I'm still poking around in the source code and seeing I'll probably need to use the `Authenticate` method directly (but can't find where it's exported).

https://github.com/zitadel/zitadel-go/blob/aad6fea5e41f95579aa0e7c033b0952500ce3d4a/pkg/authentication/authenticate.go#L68-L79

Because the router created is an `http.NewServeMux()` which is incompatible with my router type.

https://github.com/zitadel/zitadel-go/blob/aad6fea5e41f95579aa0e7c033b0952500ce3d4a/pkg/authentication/authenticate.go#L160-L171

brianfeister commented 2 months ago

I ended up simply copying these lines (yielded from the SDK as `authN`) and setting up my own routes:

https://github.com/zitadel/zitadel-go/blob/aad6fea5e41f95579aa0e7c033b0952500ce3d4a/pkg/authentication/authenticate.go#L160-L171