Documentation
¶
Overview ¶
Package oauth implements local OAuth device, browser, and token flows.
Index ¶
- Constants
- Variables
- func DeleteProviderProfile(configHome, name string) error
- func DeleteToken(configHome string) error
- func GenerateState() (string, error)
- func RevokeToken(ctx context.Context, metadata ProviderMetadata, clientID string, ...) error
- type BrowserAuthorization
- type BrowserCallback
- type BrowserCallbackResult
- type BrowserCallbackServer
- type DeviceAuthorization
- type DevicePollOptions
- type LogoutResult
- type PKCE
- type ProviderMetadata
- type ProviderProfile
- func ListProviderProfiles(configHome string) ([]ProviderProfile, error)
- func LoadProviderProfile(configHome, name string) (ProviderProfile, error)
- func ResolveProviderProfile(configHome, name string) (ProviderProfile, error)
- func SaveProviderProfile(ctx context.Context, configHome, name, issuer, clientID string, ...) (ProviderProfile, error)
- type Status
- type Token
- func ExchangeAuthorizationCode(ctx context.Context, metadata ProviderMetadata, ...) (Token, error)
- func LoadToken(configHome string) (Token, error)
- func PollDeviceToken(ctx context.Context, metadata ProviderMetadata, deviceCode string, ...) (Token, error)
- func RefreshStoredToken(ctx context.Context, configHome string, profileName string) (Token, error)
- func RefreshToken(ctx context.Context, metadata ProviderMetadata, clientID string, ...) (Token, error)
- func SaveToken(configHome string, token Token) (Token, error)
- type TokenView
Constants ¶
View Source
const DeviceCodeGrantType = "urn:ietf:params:oauth:grant-type:device_code"
Variables ¶
View Source
var ErrNoToken = errors.New("no oauth token")
Functions ¶
func DeleteProviderProfile ¶
func DeleteToken ¶
func GenerateState ¶
func RevokeToken ¶
Types ¶
type BrowserAuthorization ¶
type BrowserAuthorization struct {
AuthorizationURL string `json:"authorization_url"`
RedirectURI string `json:"redirect_uri"`
State string `json:"state"`
CodeVerifier string `json:"code_verifier"`
CodeChallenge string `json:"code_challenge"`
Method string `json:"method"`
}
func BuildBrowserAuthorization ¶
func BuildBrowserAuthorization(metadata ProviderMetadata, clientID, redirectURI string, scopes []string, state string, pkce PKCE) (BrowserAuthorization, error)
type BrowserCallback ¶
type BrowserCallbackResult ¶
type BrowserCallbackResult struct {
Callback BrowserCallback
Err error
}
type BrowserCallbackServer ¶
type BrowserCallbackServer struct {
RedirectURI string
Results <-chan BrowserCallbackResult
Close func() error
}
func StartBrowserCallbackServer ¶
func StartBrowserCallbackServer(ctx context.Context, addr, path, expectedState string) (BrowserCallbackServer, error)
type DeviceAuthorization ¶
type DeviceAuthorization struct {
DeviceCode string `json:"device_code"`
UserCode string `json:"user_code"`
VerificationURI string `json:"verification_uri"`
VerificationURIComplete string `json:"verification_uri_complete,omitempty"`
ExpiresIn int `json:"expires_in"`
Interval int `json:"interval,omitempty"`
Message string `json:"message,omitempty"`
ExpiresAt time.Time `json:"expires_at,omitempty"`
}
func StartDeviceAuthorization ¶
func StartDeviceAuthorization(ctx context.Context, metadata ProviderMetadata, clientID string, scopes []string) (DeviceAuthorization, error)
type DevicePollOptions ¶
type LogoutResult ¶
type LogoutResult struct {
Kind string `json:"kind,omitempty"`
Action string `json:"action,omitempty"`
Status string `json:"status,omitempty"`
Deleted bool `json:"deleted"`
AccessRevoked bool `json:"access_revoked,omitempty"`
RefreshRevoked bool `json:"refresh_revoked,omitempty"`
Revocation string `json:"revocation,omitempty"`
}
type PKCE ¶
type PKCE struct {
CodeVerifier string `json:"code_verifier"`
CodeChallenge string `json:"code_challenge"`
Method string `json:"method"`
}
func GeneratePKCE ¶
type ProviderMetadata ¶
type ProviderMetadata struct {
Issuer string `json:"issuer,omitempty"`
AuthorizationEndpoint string `json:"authorization_endpoint,omitempty"`
TokenEndpoint string `json:"token_endpoint,omitempty"`
DeviceAuthorizationEndpoint string `json:"device_authorization_endpoint,omitempty"`
RevocationEndpoint string `json:"revocation_endpoint,omitempty"`
JWKSURI string `json:"jwks_uri,omitempty"`
ScopesSupported []string `json:"scopes_supported,omitempty"`
GrantTypesSupported []string `json:"grant_types_supported,omitempty"`
CodeChallengeMethodsSupported []string `json:"code_challenge_methods_supported,omitempty"`
ResponseTypesSupported []string `json:"response_types_supported,omitempty"`
TokenEndpointAuthMethodsSupported []string `json:"token_endpoint_auth_methods_supported,omitempty"`
SourceURL string `json:"source_url,omitempty"`
}
func DiscoverProvider ¶
func DiscoverProvider(ctx context.Context, issuer string) (ProviderMetadata, error)
type ProviderProfile ¶
type ProviderProfile struct {
Name string `json:"name"`
Issuer string `json:"issuer"`
ClientID string `json:"client_id"`
Scopes []string `json:"scopes,omitempty"`
Metadata ProviderMetadata `json:"metadata"`
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
}
func ListProviderProfiles ¶
func ListProviderProfiles(configHome string) ([]ProviderProfile, error)
func LoadProviderProfile ¶
func LoadProviderProfile(configHome, name string) (ProviderProfile, error)
func ResolveProviderProfile ¶
func ResolveProviderProfile(configHome, name string) (ProviderProfile, error)
func SaveProviderProfile ¶
type Status ¶
type Status struct {
Kind string `json:"kind,omitempty"`
Action string `json:"action,omitempty"`
Status string `json:"status,omitempty"`
ProfileName string `json:"profile_name,omitempty"`
ProfileConfigured bool `json:"profile_configured"`
Profile *ProviderProfile `json:"profile,omitempty"`
TokenPresent bool `json:"token_present"`
Token *TokenView `json:"token,omitempty"`
Expired bool `json:"expired"`
CanRefresh bool `json:"can_refresh"`
Ready bool `json:"ready"`
Issue string `json:"issue,omitempty"`
}
Status describes whether a saved OAuth provider profile and token are usable.
type Token ¶
type Token struct {
AccessToken string `json:"access_token"`
RefreshToken string `json:"refresh_token,omitempty"`
TokenType string `json:"token_type,omitempty"`
ExpiresAt time.Time `json:"expires_at,omitempty"`
CreatedAt time.Time `json:"created_at"`
}
func PollDeviceToken ¶
func PollDeviceToken(ctx context.Context, metadata ProviderMetadata, deviceCode string, options DevicePollOptions) (Token, error)
func RefreshStoredToken ¶
func RefreshToken ¶
Click to show internal directories.
Click to hide internal directories.