auth

package
v0.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 16, 2026 License: MIT Imports: 18 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BuildAuthorizeURL 

func BuildAuthorizeURL(cfg OAuthProviderConfig, pkce PKCECodes, state, redirectURI string) string

BuildAuthorizeURL builds OAuth authorize URL with PKCE.

func DeleteAllCredentials 

func DeleteAllCredentials() error

DeleteAllCredentials clears auth store.

func DeleteCredential 

func DeleteCredential(provider string) error

DeleteCredential removes one provider credential.

func FilePath 

func FilePath() string

FilePath returns ~/.golem/auth.json.

func SaveStore 

func SaveStore(store *Store) error

SaveStore persists auth store to disk.

func SetCredential 

func SetCredential(provider string, cred *Credential) error

SetCredential saves one provider credential.

Types

type Credential 

type Credential struct {
	AccessToken  string    `json:"access_token"`
	RefreshToken string    `json:"refresh_token,omitempty"`
	Provider     string    `json:"provider"`
	AuthMethod   string    `json:"auth_method"`
	ExpiresAt    time.Time `json:"expires_at,omitempty"`
}

Credential stores auth tokens for one provider.

func GetCredential 

func GetCredential(provider string) (*Credential, error)

GetCredential retrieves one provider credential.

func LoginBrowser 

func LoginBrowser(cfg OAuthProviderConfig) (*Credential, error)

LoginBrowser completes OAuth login via local callback HTTP server.

func LoginDeviceCode 

func LoginDeviceCode(cfg OAuthProviderConfig) (*Credential, error)

LoginDeviceCode completes OAuth login via device-code flow.

func RefreshAccessToken 

func RefreshAccessToken(cred *Credential, cfg OAuthProviderConfig) (*Credential, error)

RefreshAccessToken refreshes OAuth access token when refresh token exists.

func (*Credential) IsExpired 

func (c *Credential) IsExpired() bool

func (*Credential) NeedsRefresh 

func (c *Credential) NeedsRefresh() bool

type OAuthProviderConfig 

type OAuthProviderConfig struct {
	Issuer   string
	ClientID string
	Scopes   string
	Port     int
}

OAuthProviderConfig defines OAuth metadata for one provider.

func OpenAIOAuthConfig 

func OpenAIOAuthConfig() OAuthProviderConfig

OpenAIOAuthConfig returns OpenAI OAuth defaults.

type PKCECodes 

type PKCECodes struct {
	CodeVerifier  string
	CodeChallenge string
}

PKCECodes holds verifier/challenge pair for OAuth PKCE.

func GeneratePKCE 

func GeneratePKCE() (PKCECodes, error)

GeneratePKCE creates random verifier and S256 challenge.

type Store 

type Store struct {
	Credentials map[string]*Credential `json:"credentials"`
}

Store is the on-disk auth container.

func LoadStore 

func LoadStore() (*Store, error)

LoadStore loads auth store from disk.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.