Creates a configuration object for enabling Google OAuth2 authentication on an autosync server. When enabled, clients must include a valid OAuth2 access token as a Bearer token in the Authorization header of the WebSocket upgrade request. Connections without valid credentials are rejected immediately at connection time.
Usage
auth_config(
allowed_emails = NULL,
allowed_domains = NULL,
custom_validator = NULL,
token_timeout = 5
)Arguments
- allowed_emails
Character vector of allowed email addresses.
- allowed_domains
Character vector of allowed email domains (e.g., "mycompany.com").
- custom_validator
Function(token_info) returning TRUE/FALSE for custom validation logic.
- token_timeout
Numeric, seconds to wait for Google's tokeninfo endpoint to respond when validating tokens. Default 5 seconds.
Examples
# Allow specific email domains
auth_config(allowed_domains = c("mycompany.com", "partner.org"))
#> $allowed_emails
#> NULL
#>
#> $allowed_domains
#> [1] "mycompany.com" "partner.org"
#>
#> $custom_validator
#> NULL
#>
#> $token_timeout
#> [1] 5
#>
#> attr(,"class")
#> [1] "amsync_auth_config"
# Allow specific users
auth_config(allowed_emails = c("alice@example.com", "bob@example.com"))
#> $allowed_emails
#> [1] "alice@example.com" "bob@example.com"
#>
#> $allowed_domains
#> NULL
#>
#> $custom_validator
#> NULL
#>
#> $token_timeout
#> [1] 5
#>
#> attr(,"class")
#> [1] "amsync_auth_config"
# Custom validator
auth_config(custom_validator = function(token_info) {
# Only allow tokens with at least 5 minutes remaining
as.integer(token_info$expires_in) > 300
})
#> $allowed_emails
#> NULL
#>
#> $allowed_domains
#> NULL
#>
#> $custom_validator
#> function (token_info)
#> {
#> as.integer(token_info$expires_in) > 300
#> }
#> <environment: 0x55641a232758>
#>
#> $token_timeout
#> [1] 5
#>
#> attr(,"class")
#> [1] "amsync_auth_config"