authn

package
v0.1.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 24, 2026 License: MIT Imports: 5 Imported by: 0

Documentation

Index

Constants

View Source 
const DefaultLoginScope = "openid profile email"

Variables

View Source 
var (
	ErrNotConfigured  = errors.New("authenticator is nil")
	ErrTokenMissing   = errors.New("missing bearer token")
	ErrPrincipalEmpty = errors.New("token produced empty principal")
)

Functions

func AuthenticateToken 

func AuthenticateToken(ctx context.Context, a Authenticator, token string, allowAnonymous bool) (context.Context, *principal.Principal, error)

func ExtractBearer 

func ExtractBearer(header string) (string, bool)

Types

type Authenticator 

type Authenticator interface {
	Authenticate(ctx context.Context, token string) (*principal.Principal, error)
}

type ExchangeCodeRequest added in v0.1.2 

type ExchangeCodeRequest struct {
	Code        string
	RedirectURI string
	Extra       url.Values
}

ExchangeCodeRequest exchanges an OAuth authorization code for tokens.

type LoginRequest 

type LoginRequest struct {
	RedirectURI string
	State       string
	Scope       string
	Prompt      string
	Extra       url.Values
}

LoginRequest describes the minimum information required to start an OAuth/OIDC login flow.

type LoginURLBuilder 

type LoginURLBuilder interface {
	LoginURL(req LoginRequest) (string, error)
}

LoginURLBuilder is implemented by providers that can start a browser login flow.

type LogoutRequest 

type LogoutRequest struct {
	IDTokenHint           string
	PostLogoutRedirectURI string
	State                 string
	Extra                 url.Values
}

LogoutRequest describes logout URL construction. Providers may ignore unsupported fields.

type LogoutURLBuilder 

type LogoutURLBuilder interface {
	LogoutURL(req LogoutRequest) (string, error)
}

LogoutURLBuilder is implemented by providers that can produce a browser logout URL.

type OAuthExchanger added in v0.1.2 

type OAuthExchanger interface {
	ExchangeCode(ctx context.Context, req ExchangeCodeRequest) (*TokenResponse, error)
	RefreshToken(ctx context.Context, req RefreshTokenRequest) (*TokenResponse, error)
}

OAuthExchanger is implemented by providers that can exchange OAuth codes and refresh tokens.

type Options 

type Options struct {
	AllowAnonymous bool
	TokenExtractor TokenExtractor
}

type RefreshTokenRequest added in v0.1.2 

type RefreshTokenRequest struct {
	RefreshToken string
	Scope        string
	Extra        url.Values
}

RefreshTokenRequest exchanges a refresh token for a new access token.

type TokenExtractor 

type TokenExtractor func(ctx context.Context) (string, bool)

type TokenResponse added in v0.1.2 

type TokenResponse struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token,omitempty"`
	IDToken      string `json:"id_token,omitempty"`
	TokenType    string `json:"token_type,omitempty"`
	ExpiresIn    int64  `json:"expires_in,omitempty"`
	Scope        string `json:"scope,omitempty"`
	Raw          []byte `json:"-"`
}

TokenResponse is a provider-neutral OAuth/OIDC token response.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.