Go-AWS-Auth alternatives and similar packages
Based on the "Authentication & OAuth" category.
Alternatively, view Go-AWS-Auth alternatives based on common mentions on social networks and blogs.
-
oauth2
Successor of goauth2. Generic OAuth 2.0 package that comes with JWT, Google APIs, Compute Engine and App Engine support. -
goth
provides a simple, clean, and idiomatic way to use OAuth and OAuth2. Handles multiple provides out of the box. -
authboss
A modular authentication system for the web. It tries to remove as much boilerplate and "hard things" as possible so that each time you start a new web project in Go, you can plug it in, configure, and start building your app without having to build an authentication system each time. -
go-jose
A fairly complete implementation of the JOSE working group's JSON Web Token, JSON Web Signatures, and JSON Web Encryption specs. -
permissions2
Library for keeping track of users, login states and permissions. Uses secure cookies and bcrypt. -
yubigo
a Yubikey client package that provides a simple API to integrate the Yubico Yubikey into a go application. -
sessions
A dead simple, highly performant, highly customizable sessions service for go http servers. -
Facecontrol
Simple yet powerful authentication, single sign-on and (optinal) authorization solution.
Get performance insights in less than 4 minutes
Do you think we are missing an alternative of Go-AWS-Auth or a related project?
README
go-aws-auth
Go-AWS-Auth is a comprehensive, lightweight library for signing requests to Amazon Web Services.
It's easy to use: simply build your HTTP request and call awsauth.Sign(req)
before sending your request over the wire.
Supported signing mechanisms
- Signed Signature Version 2
- Signed Signature Version 3
- Signed Signature Version 4
- Custom S3 Authentication Scheme
- Security Token Service
- S3 Query String Authentication
- IAM Role
For more info about AWS authentication, see the comprehensive docs at AWS.
Install
Go get it:
$ go get github.com/smartystreets/go-aws-auth
Then import it:
import "github.com/smartystreets/go-aws-auth"
Using your AWS Credentials
The library looks for credentials in this order:
Hard-code: You can manually pass in an instance of
awsauth.Credentials
to any call to a signing function as a second argument:awsauth.Sign(req, awsauth.Credentials{ AccessKeyID: "Access Key ID", SecretAccessKey: "Secret Access Key", SecurityToken: "Security Token", // STS (optional) })
Environment variables: Set the
AWS_ACCESS_KEY_ID
andAWS_SECRET_ACCESS_KEY
environment variables with your credentials. The library will automatically detect and use them. Optionally, you may also set theAWS_SECURITY_TOKEN
environment variable if you are using temporary credentials from STS.IAM Role: If running on EC2 and the credentials are neither hard-coded nor in the environment, go-aws-auth will detect the first IAM role assigned to the current EC2 instance and use those credentials.
(Be especially careful hard-coding credentials into your application if the code is committed to source control.)
Signing requests
Just make the request, have it signed, and perform the request as you normally would.
url := "https://iam.amazonaws.com/?Action=ListRoles&Version=2010-05-08"
client := new(http.Client)
req, err := http.NewRequest("GET", url, nil)
awsauth.Sign(req) // Automatically chooses the best signing mechanism for the service
resp, err := client.Do(req)
You can use Sign
to have the library choose the best signing algorithm depending on the service, or you can specify it manually if you know what you need:
Sign2
Sign3
Sign4
SignS3
(deprecated for Sign4)SignS3Url
(for pre-signed S3 URLs; GETs only)
Contributing
Please feel free to contribute! Bug fixes are more than welcome any time, as long as tests assert correct behavior. If you'd like to change an existing implementation or see a new feature, open an issue first so we can discuss it. Thanks to all contributors!