# golang/oauth2

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/golang-oauth2).**

5,872 stars · 1,046 forks · Go · BSD-3-Clause

## Links

- GitHub: https://github.com/golang/oauth2
- Homepage: https://golang.org/x/oauth2
- awesome-repositories: https://awesome-repositories.com/repository/golang-oauth2.md

## Description

This is a Go library for obtaining, refreshing, and attaching OAuth 2.0 access tokens to HTTP requests. It provides a generic token source interface with interchangeable implementations for different OAuth 2.0 grant types, and wraps the Go net/http transport layer to automatically attach access tokens as Authorization headers on outgoing requests.

The library supports the authorization code flow, generating consent page URLs and exchanging authorization codes for tokens. It also implements the device authorization grant for authentication on devices without a browser, and the resource owner password credentials grant for trusted client scenarios. For long-lived credentials, it offers a static token source that always returns the same token.

Token lifecycle management covers acquisition, caching, and automatic refresh using stored refresh tokens. The library caches tokens until they expire, then transparently fetches fresh ones without interrupting the caller. It also provides an authenticated HTTP client that wraps any HTTP client with automatic token injection and refresh.

## Tags

### Security & Cryptography

- [OAuth 2.0 Authorization Flows](https://awesome-repositories.com/f/security-cryptography/oauth-2-0-authorization-flows.md) — A Go library for obtaining, refreshing, and attaching OAuth 2.0 access tokens to HTTP requests. ([source](https://cdn.jsdelivr.net/gh/golang/oauth2@main/README.md))
- [Go Client Libraries](https://awesome-repositories.com/f/security-cryptography/oauth-2-0-authorization-flows/go-client-libraries.md) — Provides a Go library for obtaining, refreshing, and attaching OAuth 2.0 access tokens to HTTP requests.
- [OAuth Token Refreshes](https://awesome-repositories.com/f/security-cryptography/account-management/account-synchronization/credential-refreshers/oauth-token-refreshes.md) — Provides a token source interface with implementations for refresh, caching, and static credentials.
- [Automatic Token Refreshes](https://awesome-repositories.com/f/security-cryptography/account-management/account-synchronization/credential-refreshers/oauth-token-refreshes/automatic-token-refreshes.md) — Transparently obtains new access tokens using stored refresh tokens when current ones expire. ([source](https://golang.org/x/oauth2))
- [Authorization Code Exchanges](https://awesome-repositories.com/f/security-cryptography/authorization-code-exchanges.md) — Generates consent page URLs and exchanges authorization codes for access tokens. ([source](https://golang.org/x/oauth2))
- [Automatic Request Token Injection](https://awesome-repositories.com/f/security-cryptography/bearer-token-authentication/automatic-request-token-injection.md) — Adds access tokens as Authorization headers on outgoing HTTP requests made with the Go net/http client. ([source](https://cdn.jsdelivr.net/gh/golang/oauth2@main/README.md))
- [Transport-Level Token Injectors](https://awesome-repositories.com/f/security-cryptography/bearer-token-authentication/automatic-request-token-injection/transport-level-token-injectors.md) — Wraps the Go net/http transport layer to automatically attach OAuth 2.0 access tokens as Authorization headers.
- [Authorization Code Exchanges](https://awesome-repositories.com/f/security-cryptography/oauth-2-0-authorization-flows/authorization-code-exchanges.md) — Exchanges authorization codes for access tokens after redirecting users to consent pages.
- [Authorization Code Flow Handlers](https://awesome-repositories.com/f/security-cryptography/oauth-2-0-authorization-flows/authorization-code-flow-handlers.md) — Generates consent page URLs and exchanges authorization codes for access tokens.
- [Authorization Code Flow Initiators](https://awesome-repositories.com/f/security-cryptography/oauth-2-0-authorization-flows/authorization-code-flow-initiators.md) — Initiates the three-legged OAuth 2.0 authorization code flow with consent URL generation and code exchange. ([source](https://golang.org/x/oauth2))
- [Token Acquisitions](https://awesome-repositories.com/f/security-cryptography/oauth-2-0-authorization-flows/token-acquisitions.md) — Exchanges authorization codes and credentials for short-lived access tokens and optional refresh tokens. ([source](https://cdn.jsdelivr.net/gh/golang/oauth2@main/README.md))
- [OAuth2 Token Source Suppliers](https://awesome-repositories.com/f/security-cryptography/token-based-authentication/oauth2-access-token-issuance/oauth2-token-source-suppliers.md) — Provides a generic token source interface with interchangeable implementations for different OAuth 2.0 grant types.
- [Device Authorization Flow Clients](https://awesome-repositories.com/f/security-cryptography/token-based-authorization/token-operator-authorizations/request-authorizations/device-authorization-redirects/cross-device-authorizations/device-authorization-flow-clients.md) — Initiates the OAuth 2.0 device authorization flow by polling for user approval and retrieving tokens.
- [Device Grant Implementations](https://awesome-repositories.com/f/security-cryptography/token-based-authorization/token-operator-authorizations/request-authorizations/device-authorization-redirects/cross-device-authorizations/device-grant-implementations.md) — Implements the OAuth 2.0 Device Authorization Grant for headless devices with polling for user approval.
- [Device Authorization Flow Initiators](https://awesome-repositories.com/f/security-cryptography/token-based-authorization/token-operator-authorizations/request-authorizations/device-authorization-redirects/device-authorization-flow-initiators.md) — Starts the OAuth 2.0 device authorization flow by obtaining a device code and polling for user approval. ([source](https://golang.org/x/oauth2))
- [Device Authorization Polling Clients](https://awesome-repositories.com/f/security-cryptography/token-based-authorization/token-operator-authorizations/request-authorizations/device-authorization-redirects/device-authorization-polling-clients.md) — Implements the OAuth 2.0 device authorization grant with polling for user approval on browserless devices.
- [Resource Owner Password Credentials Grant Handlers](https://awesome-repositories.com/f/security-cryptography/oauth-grant-type-handlers/resource-owner-password-credentials-grant-handlers.md) — Exchanges a username and password directly for an access token using the OAuth 2.0 password grant type.
- [Resource Owner Password Grant Handlers](https://awesome-repositories.com/f/security-cryptography/oauth-grant-type-handlers/resource-owner-password-grant-handlers.md) — Exchanges a username and password directly for an OAuth 2.0 access token in trusted client scenarios.
- [Authentication Token Caching](https://awesome-repositories.com/f/security-cryptography/token-authentication/authentication-token-caching.md) — Caches authentication tokens across sessions, returning cached tokens until they expire then fetching fresh ones automatically. ([source](https://golang.org/x/oauth2))
- [Cached Token Reuses](https://awesome-repositories.com/f/security-cryptography/token-authentication/authentication-token-caching/cached-token-reuses.md) — Returns cached tokens until they expire, then transparently fetches fresh ones to minimize redundant authorization requests. ([source](https://golang.org/x/oauth2))
- [Static Token Sources](https://awesome-repositories.com/f/security-cryptography/token-authentication/static-token-sources.md) — Offers a static token source for long-lived credentials that never expire.

### Networking & Communication

- [Authenticated Transports](https://awesome-repositories.com/f/networking-communication/communication-protocols-architectures/communication-protocols-standards/transport-protocols/http-transports/authenticated-transports.md) — Attaches access tokens to outgoing HTTP requests by wrapping the transport layer for authenticated communication. ([source](https://golang.org/x/oauth2))
- [Authenticated Request Clients](https://awesome-repositories.com/f/networking-communication/http-request-utilities/authenticated-request-clients.md) — Wraps an HTTP client with automatic token injection and refresh for every outgoing request. ([source](https://golang.org/x/oauth2))

### Web Development

- [Authorization URL Generators](https://awesome-repositories.com/f/web-development/third-party-integrations/third-party-platform-authorizations/oauth-authorization-url-retrievals/authorization-url-generators.md) — Produces authorization URLs with PKCE challenge and access type parameters for OAuth 2.0 flows. ([source](https://golang.org/x/oauth2))
- [Consent URL Builders](https://awesome-repositories.com/f/web-development/third-party-integrations/third-party-platform-authorizations/oauth-authorization-url-retrievals/consent-url-builders.md) — Builds consent page URLs with requested scopes and optional PKCE protection for OAuth 2.0 flows. ([source](https://golang.org/x/oauth2))

### Part of an Awesome List

- [DevOps & Infrastructure](https://awesome-repositories.com/f/awesome-lists/devops/devops-infrastructure.md) — Standard library for implementing OAuth2 authentication flows.
- [Authentication and Authorization](https://awesome-repositories.com/f/awesome-lists/security/authentication-and-authorization.md) — General OAuth 2.0 client implementation.
- [Security & Privacy](https://awesome-repositories.com/f/awesome-lists/security/security-privacy.md) — Generic OAuth 2.0 package with support for major providers.
