auth

package
v0.7.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 25, 2021 License: MIT Imports: 11 Imported by: 0

README

Auth package

The CLI authentication follows this approach:

  1. $ auth0 login uses Auth0 Device Flow to get an acccess token and a refresh token for the selected tenant.
  2. The access token is stored at the configuration file.
  3. The refresh token is stored at the OS keychain (supports macOS, Linux, and Windows thanks to https://github.com/zalando/go-keyring).
  4. During regular commands initialization, the access token is used to instantiate an Auth0 API client. - If the token is expired according to the value stored on the configuration file, a new one is requested using the refresh token. - In case of any error, the interactive login flow is triggered.

Documentation

Index

Constants

View Source 
const (

	// namespace used to set/get values from the keychain
	SecretsNamespace = "auth0-cli"
)

Variables

This section is empty.

Functions

func RequiredScopes added in v0.5.1 

func RequiredScopes() []string

RequiredScopes returns the scopes used for login.

Types

type Authenticator 

type Authenticator struct{}

func (*Authenticator) Start 

func (a *Authenticator) Start(ctx context.Context) (State, error)

Start kicks-off the device authentication flow by requesting a device code from Auth0, The returned state contains the URI for the next step of the flow.

func (*Authenticator) Wait 

func (a *Authenticator) Wait(ctx context.Context, state State) (Result, error)

Wait waits until the user is logged in on the browser.

type Keyring 

type Keyring struct{}

func (*Keyring) Delete 

func (k *Keyring) Delete(namespace, key string) error

Delete deletes a value for the given namespace and key.

func (*Keyring) Get 

func (k *Keyring) Get(namespace, key string) (string, error)

Get gets a value for the given namespace and key.

func (*Keyring) Set 

func (k *Keyring) Set(namespace, key, value string) error

Set sets the given key/value pair with the given namespace.

type Result 

type Result struct {
	Tenant       string
	Domain       string
	RefreshToken string
	AccessToken  string
	ExpiresIn    int64
}

type SecretStore 

type SecretStore interface {
	// Get gets the secret
	Get(namespace, key string) (string, error)
	// Delete removes the secret
	Delete(namespace, key string) error
}

SecretStore provides access to stored sensitive data.

type State 

type State struct {
	DeviceCode      string `json:"device_code"`
	UserCode        string `json:"user_code"`
	VerificationURI string `json:"verification_uri_complete"`
	ExpiresIn       int    `json:"expires_in"`
	Interval        int    `json:"interval"`
}

func (*State) IntervalDuration 

func (s *State) IntervalDuration() time.Duration

type TokenResponse 

type TokenResponse struct {
	AccessToken string `json:"access_token"`
	IDToken     string `json:"id_token"`
	TokenType   string `json:"token_type"`
	ExpiresIn   int    `json:"expires_in"`
}

type TokenRetriever 

type TokenRetriever struct {
	Secrets SecretStore
	Client  *http.Client
}

func (*TokenRetriever) Delete 

func (t *TokenRetriever) Delete(tenant string) error

Delete deletes the given tenant from the secrets storage.

func (*TokenRetriever) Refresh 

func (t *TokenRetriever) Refresh(ctx context.Context, tenant string) (TokenResponse, error)

Refresh gets a new access token from the provided refresh token, The request is used the default client_id and endpoint for device authentication.

Source Files

View all Source files

Directories

Path Synopsis
Package mock is a generated GoMock package.
 Package mock is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.