/iapgo

Go library to handle access authentication to endpoints behind Google Cloud Identity-Aware Proxy (IAP).

Primary LanguageGoMIT LicenseMIT

iapgo

Build Status codecov GoDoc

iapgo is a Go library to help authenticating access to endpoints behind Google Cloud Identity-Aware Proxy.

This library is heavily using golang.org/x/oauth2/google to handle credentials parsing and authentication.

Usage

import (
    "log"
    "net/http"

    "github.com/bukalapak/iapgo"
)

func main() {
    // Initialize Transport to be used. Define iapClientID with the OAuth Client
    // ID of the IAP that protects the endpoint.
    iapClientID := "12345678901-abcdefghijklmnopqrstuvwxyz123456.apps.googleusercontent.com"

    // Upon Transport creation, the service account key will be searched using
    // Application Default Credentials (ADC) strategy described in
    // https://cloud.google.com/docs/authentication/production.
    transport, err := iapgo.NewTransport(iapClientID)
    if err != nil {
        log.Fatal(err)
    }

    // Pair Transport with an http.Client.
    client := &http.Client{
        Transport: transport,
    }

    // Access endpoints behind IAP.
    client.Get("...")
}