Auth Library for Swift
This project contains Swift packages that can be used to write command-line tools and cloud services that use OAuth to authenticate and authorize access to remote services.
Currently these packages support OAuth1 and OAuth2. They are designed to work on OS X systems and on Linux systems that are running in the Google Cloud.
On OS X systems, OAuth tokens can be obtained using the locally-installed browser and a local web server that is automatically run in the command-line client.
On Linux systems, OAuth tokens can be obtained automatically from the Google Cloud Metadata Service.
On both Linux and OS X systems, OAuth tokens can be obtained automatically for Google Cloud Service Accounts.
Usage and Examples
Sources/Examples contains examples that illustrate OAuth1 and OAuth2 signin for various services. Each requires valid application credentials to run. See the various service providers for details.
The BrowserTokenProvider classes use a local web server to implement
"three-legged OAuth" signin in which users grant permission in a browser
that a provider's server redirects to the client server with a code.
These providers look for OAuth configuration information in "credentials"
YAML files that are expected to be in
$HOME/.credentials. Sample credentials
files are in credentials
and include client IDs, client secrets, and OAuth service URLs.
When OAuth services require registered callback URLs, these should be
specified in the corresponding credentials YAML file. The temporary
web server runs locally on port 8080.
- The local web server is built using swift-nio/http.
- HMAC and SHA1 hashing is performed using CryptoSwift.
- RSA signing of service account JWT tokens uses BigInt.
This is work in progress toward great server-side Swift software. Please take care when using this in production projects: always refer to a tagged version and be aware that interfaces may change in future releases.
We'd love to collaborate on this. See CONTRIBUTING.md for details.
Copyright 2019, Google Inc.
Released under the Apache 2.0 license.
Help us keep the lights on
0.5.0 - Apr 8, 2019
The local webserver used by BrowserTokenProvider is now directly based on SwiftNIO and updated for SwiftNIO 2.0 and Swift 5.
0.4.0 - Jan 29, 2019
The BrowserTokenProviders now use Vapor/HTTP instead of the deprecated swift-server/HTTP. This should fix build problems with recent versions of Swift.