Deploys.app - Auth

Minimal OAuth2 authentication service for Deploys.app. Acts as an OAuth2 authorization server backed by Google as the identity provider.

Build

$ go build -o auth .

Required environment variables:

Variable	Description
`SQL_URL`	PostgreSQL connection string
`OAUTH2_CLIENT_ID`	Google OAuth app client ID
`OAUTH2_CLIENT_SECRET`	Google OAuth app client secret
`PORT`	Listen port (default: `8080`)

$ ./auth

The schema in schema.sql must be applied to the database before the service starts.

Method	Path	Purpose
`GET`	`/`	Validate the OAuth2 client and redirect to Google
`GET`	`/callback`	Receive Google's code and issue an internal auth code
`POST`	`/token`	Exchange client credentials + code for a user token
`POST`	`/revoke`	Revoke a user token

The provided Dockerfile builds a gcr.io/distroless/static image. CI pushes to registry.moonrhythm.io/deploys-app/auth:<git-sha>.

Name		Name	Last commit message	Last commit date
Latest commit History 53 Commits
.github/workflows		.github/workflows
.editorconfig		.editorconfig
.gitignore		.gitignore
.tool-versions		.tool-versions
CLAUDE.md		CLAUDE.md
Dockerfile		Dockerfile
LICENSE		LICENSE
README.md		README.md
go.mod		go.mod
go.sum		go.sum
handler.go		handler.go
main.go		main.go
oauth2.go		oauth2.go
schema.sql		schema.sql
token.go		token.go