Goth is a Go library that provides a consistent, provider-agnostic interface for authenticating users through dozens of third-party OAuth and OAuth2 services. It defines a pluggable provider interface and a central registry where providers are registered by name, enabling dynamic lookup and invocation during authentication flows. The library manages the multi-step OAuth authorization process by generating redirect URLs and validating callback responses, and returns a standardized user profile with common fields like email, name, and avatar URL across all supported providers.
The library distinguishes itself through its extensible architecture, allowing developers to implement a custom provider interface to add authentication support for any third-party OAuth service not included by default. It handles session state management between requests using encrypted cookies with configurable security attributes, including HTTP-only, secure, and domain-scoped settings. Goth also supports token refresh, enabling applications to obtain new access tokens using refresh tokens when the original token expires.
The project provides runtime provider registry management, allowing developers to add, retrieve, and clear authentication providers dynamically. Session storage can be customized with settings such as expiry, path, and security flags for production use. The library is distributed as a Go package with documentation covering installation and provider configuration.
