auth

package
v0.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 27, 2026 License: MIT Imports: 20 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BuildAuthURL added in v0.5.0 

func BuildAuthURL(host, clientID, redirectURI, state, codeChallenge, scopes string) string

BuildAuthURL constructs a GitLab OAuth authorization URL.

func DefaultScopes added in v0.5.0 

func DefaultScopes() string

DefaultScopes returns the default OAuth scopes.

func GenerateCodeChallenge added in v0.5.0 

func GenerateCodeChallenge(verifier string) string

GenerateCodeChallenge creates a PKCE S256 code challenge from a verifier.

func GenerateCodeVerifier added in v0.5.0 

func GenerateCodeVerifier() (string, error)

GenerateCodeVerifier creates a PKCE code verifier (43-char base64url string).

func GenerateState added in v0.5.0 

func GenerateState() (string, error)

GenerateState creates a random state string for CSRF protection.

func GetToken 

func GetToken(host string) (string, error)

GetToken retrieves the token for a specific host.

func Logout 

func Logout(host string) error

Logout removes stored credentials for a host.

func LogoutAll added in v0.2.0 

func LogoutAll() error

LogoutAll removes stored credentials for all hosts.

func RefreshOAuthToken added in v0.0.14 

func RefreshOAuthToken(host string) (string, error)

RefreshOAuthToken refreshes an expired OAuth access token using the stored refresh token. On success it updates the token, refresh token, and expiry in hosts.json and returns the new access token.

func ScopesDescription added in v0.0.2 

func ScopesDescription() string

ScopesDescription returns a human-readable description of the required scopes.

func Switch added in v0.2.0 

func Switch(in io.Reader, out io.Writer) (string, error)

Switch allows the user to switch the active GitLab instance. It presents a list of authenticated hosts and updates the default_host config.

Types

type OAuthTokenResponse added in v0.0.2 

type OAuthTokenResponse struct {
	AccessToken  string `json:"access_token"`
	TokenType    string `json:"token_type"`
	ExpiresIn    int    `json:"expires_in"`
	RefreshToken string `json:"refresh_token"`
	Scope        string `json:"scope"`
	CreatedAt    int64  `json:"created_at"`
}

OAuthTokenResponse represents the response from GitLab's OAuth token endpoint.

func ExchangeCode added in v0.5.0 

func ExchangeCode(host, clientID, code, redirectURI, codeVerifier string) (*OAuthTokenResponse, error)

ExchangeCode exchanges an authorization code for an OAuth token.

type Status 

type Status struct {
	Host           string
	User           string
	Token          string
	Source         string
	GitLabVersion  string
	AuthMethod     string // "pat", "oauth", or ""
	TokenExpiresAt int64  // Unix timestamp; 0 if not set
	Scopes         string // OAuth scopes; empty for PAT
	Active         bool
	HasError       bool
	Error          string
}

Status represents the authentication status for a host.

func GetStatus 

func GetStatus() ([]Status, error)

GetStatus returns the authentication status for all configured hosts.

func Login 

func Login(host, token string, stdin io.Reader) (*Status, error)

Login authenticates the user with a GitLab instance.

func OAuthFlow added in v0.0.2 

func OAuthFlow(host, clientID, redirectURI, scopes string, out io.Writer, openBrowser func(string) error) (*Status, error)

OAuthFlow performs the OAuth2 Authorization Code flow with PKCE. openBrowser is called with the authorization URL; pass nil to skip auto-open. If redirectURI is empty, http://localhost:7171/auth/redirect is used. If scopes is empty, defaultScopes is used.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.