oauth

package
v2.7.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 11, 2026 License: MIT Imports: 1 Imported by: 0

Documentation

Overview

Package oauth provides types for the Auth0 OAuth authentication endpoints.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ClientAuthentication 

type ClientAuthentication struct {
	// ClientID to use for the specific request.
	ClientID string `json:"client_id,omitempty"`
	// ClientSecret to use for the specific request. Required when Client Secret Basic or Client
	// Secret Post is the application authentication method.
	ClientSecret string `json:"client_secret,omitempty"` //nolint:gosec // This is a request field, not a hardcoded secret.
	// ClientAssertion to use for the specific request. Required if `Private Key JWT` is the
	// authentication method.
	ClientAssertion string `json:"client_assertion,omitempty"`
	// ClientAssertionType to use for the specific request. Required if you are passing your own
	// ClientAssertion.
	ClientAssertionType string `json:"client_assertion_type,omitempty"`
}

ClientAuthentication defines the authentication options that can be overridden per request.

type IDTokenValidationOptions 

type IDTokenValidationOptions struct {
	MaxAge       time.Duration
	Nonce        string
	Organization string
}

IDTokenValidationOptions allows validating optional claims that might not always be in the ID token.

type LoginWithAuthCodeRequest 

type LoginWithAuthCodeRequest struct {
	ClientAuthentication
	// The Authorization Code received from the initial /authorize call.
	Code string
	// This is required only if it was set at the GET /authorize endpoint. The values must match.
	RedirectURI string
	// Extra parameters to be merged into the request body. Values set here will override any existing values.
	ExtraParameters map[string]string
}

LoginWithAuthCodeRequest defines the request body for logging in with the Authorization Code grant.

type LoginWithAuthCodeWithPKCERequest 

type LoginWithAuthCodeWithPKCERequest struct {
	ClientAuthentication
	// The Authorization Code received from the initial /authorize call.
	Code string
	// Cryptographically random key that was used to generate the code_challenge passed to /authorize.
	CodeVerifier string
	// This is required only if it was set at the GET /authorize endpoint. The values must match.
	RedirectURI string
	// Extra parameters to be merged into the request body. Values set here will override any existing values.
	ExtraParameters map[string]string
}

LoginWithAuthCodeWithPKCERequest defines the request body for logging in with the Authorization Code with Proof Key for Code Exchange grant.

type LoginWithClientCredentialsRequest 

type LoginWithClientCredentialsRequest struct {
	ClientAuthentication
	// The unique identifier of the target API you want to access.
	Audience string
	// Extra parameters to be merged into the request body. Values set here will override any existing values.
	ExtraParameters map[string]string
	// And organization name or ID. When included, the access token will include the `org_id` or `org_name` claim.
	Organization string
}

LoginWithClientCredentialsRequest defines the request body for logging in with Authorization Code grant.

type LoginWithPasswordRequest 

type LoginWithPasswordRequest struct {
	ClientAuthentication
	// The user's username.
	Username string
	// The user's password.
	Password string //nolint:gosec // This is a request field, not a hardcoded secret.
	// String value of the different scopes the application is asking for. Multiple scopes are separated with whitespace.
	Scope string
	// The unique identifier of the target API you want to access.
	Audience string
	// String value of the realm the user belongs. Set this if you want to add realm support to this grant.
	Realm string
	// Extra parameters to be merged into the request body. Values set here will override any existing values.
	ExtraParameters map[string]string
}

LoginWithPasswordRequest defines the request body for logging in with the Password grant.

type PushedAuthorizationRequest 

type PushedAuthorizationRequest struct {
	ClientAuthentication
	// The URI to redirect to.
	RedirectURI string
	// Scopes to request.
	Scope string
	// The unique identifier of the target API you want to access.
	Audience string
	// The nonce.
	Nonce string
	// The response mode to use.
	ResponseMode string
	// The response type the client expects.
	ResponseType string
	// The organization to log the user in to.
	Organization string
	// The ID of an invitation to accept.
	Invitation string
	// Name of the connection.
	Connection string
	// A Base64-encoded SHA-256 hash of the code_verifier used for the Authorization Code Flow with PKCE.
	CodeChallenge string
	// Extra parameters to be added to the request. Values set here will override any existing values.
	ExtraParameters map[string]string
}

PushedAuthorizationRequest defines the request body for performing a Pushed Authorization Request (PAR).

type PushedAuthorizationRequestResponse 

type PushedAuthorizationRequestResponse struct {
	RequestURI string `json:"request_uri,omitempty"`
	ExpiresIn  int    `json:"expires_in,omitempty"`
}

PushedAuthorizationRequestResponse defines the response from a Pushed Authorization Request.

type RefreshTokenRequest 

type RefreshTokenRequest struct {
	ClientAuthentication
	// The refresh token to use.
	RefreshToken string //nolint:gosec // This is a request field, not a hardcoded secret.
	// 	A space-delimited list of requested scope permissions. If not sent, the original scopes will be used;
	// otherwise you can request a reduced set of scopes. Note that this must be URL encoded.
	Scope string
	// Extra parameters to be merged into the request body. Values set here will override any existing values.
	ExtraParameters map[string]string
}

RefreshTokenRequest defines the request body for logging in with Authorization Code grant.

type RevokeRefreshTokenRequest 

type RevokeRefreshTokenRequest struct {
	ClientAuthentication
	// The refresh token you want to revoke.
	Token string `json:"token,omitempty"`
	// Extra parameters to be merged into the request body. Values set here will override any existing values.
	ExtraParameters map[string]string `json:"-"`
}

RevokeRefreshTokenRequest defines the request body for logging in with Authorization Code grant.

type TokenSet 

type TokenSet struct {
	// The access token.
	AccessToken string `json:"access_token,omitempty"` //nolint:gosec // This is a response field, not a hardcoded secret.
	// The duration in seconds that the access token is valid for.
	ExpiresIn int64 `json:"expires_in,omitempty"`
	// The user's ID token.
	IDToken string `json:"id_token,omitempty"`
	// The refresh token, only available if `offline_access` scope was provided.
	RefreshToken string `json:"refresh_token,omitempty"` //nolint:gosec // This is a response field, not a hardcoded secret.
	// String value of the different scopes the application is asking for.
	// Multiple scopes are separated with whitespace.
	Scope string `json:"scope,omitempty"`
	// The type of the access token.
	TokenType string `json:"token_type,omitempty"`
}

TokenSet defines the response of the OAuth endpoints.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.