oauth

package
v0.0.0-...-bea0022 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 8, 2026 License: Apache-2.0 Imports: 27 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// AppSessionTokenAPIRequestSchema is the JSON schema for the request body
// that carries a refresh token: an object whose only declared property,
// "refresh_token", is a required string. "additionalProperties" is false, so
// the schema does not admit any other top-level field.
//
// NOTE(review): the schema constrains only the type. An empty string still
// satisfies it, so rejecting empty or malformed tokens is left to whatever
// consumes the value — confirm against the issuer.
// NOTE(review): the validated body contains a bearer credential; it should be
// kept out of request logs and error payloads.
var AppSessionTokenAPIRequestSchema = validation.NewSimpleSchema(`
	{
		"type": "object",
		"additionalProperties": false,
		"properties": {
			"refresh_token": { "type": "string" }
		},
		"required": ["refresh_token"]
	}
`)
// AppSessionTokenAPIResponseSchema is the JSON schema describing the response
// body: an object with two required string properties, "app_session_token"
// and "expire_at".
//
// Unlike the request schema, this one does not set "additionalProperties",
// so extra fields are not excluded by the schema itself. "expire_at" is
// declared as a plain string with no format constraint.
// NOTE(review): "app_session_token" is a credential; responses matching this
// schema should not be cached or logged verbatim.
var AppSessionTokenAPIResponseSchema = validation.NewSimpleSchema(`
	{
		"type": "object",
		"properties": {
			"app_session_token": { "type": "string" },
			"expire_at": { "type": "string" }
		},
		"required": ["app_session_token", "expire_at"]
	}
`)
// AuthorizeHandlerLogger is the package-level logger created with the name
// "handler-authz"; presumably used by AuthorizeHandler — confirm at the call
// sites.
var AuthorizeHandlerLogger = slogutil.NewLogger("handler-authz")
// ChallengeAPIRequestSchema is the JSON schema for a challenge request body:
// an object whose only declared property, "purpose", is a required string.
// "additionalProperties" is false, so no other top-level field is admitted.
//
// NOTE(review): the schema accepts any string as "purpose". Restricting it to
// the known challenge purposes has to happen elsewhere — presumably in
// ChallengeRequest.Validate; confirm that unknown purposes are rejected there.
var ChallengeAPIRequestSchema = validation.NewSimpleSchema(`
	{
		"type": "object",
		"additionalProperties": false,
		"properties": {
			"purpose": { "type": "string" }
		},
		"required": ["purpose"]
	}
`)
// ChallengeAPIResponseSchema is the JSON schema describing a challenge
// response body: an object with two required string properties, "token" and
// "expire_at".
//
// The schema does not set "additionalProperties" and puts no format
// constraint on "expire_at".
var ChallengeAPIResponseSchema = validation.NewSimpleSchema(`
	{
		"type": "object",
		"properties": {
			"token": { "type": "string" },
			"expire_at": { "type": "string" }
		},
		"required": ["token", "expire_at"]
	}
`)
// ConsentHandlerLogger is the package-level logger created with the name
// "handler-from-webapp".
//
// NOTE(review): every other logger in this package is named after its
// handler ("handler-authz", "handler-token", ...). This name does not mention
// consent, so consent-screen events may be hard to attribute when filtering
// logs during an investigation. Confirm whether the name is intentional
// before changing it, since existing log queries may depend on it.
var ConsentHandlerLogger = slogutil.NewLogger("handler-from-webapp")
// EndSessionHandlerLogger is the package-level logger created with the name
// "handler-end-session"; presumably used by EndSessionHandler — confirm at
// the call sites.
var EndSessionHandlerLogger = slogutil.NewLogger("handler-end-session")
// InvalidGrant is an API error kind derived from apierrors.Forbidden with the
// reason "InvalidGrant".
//
// NOTE(review): RFC 6749 section 5.2 reports invalid_grant from the token
// endpoint with HTTP 400, whereas this value is built on Forbidden. Confirm
// it is used only by this package's own JSON APIs and is not serialized as a
// standard token-endpoint error.
var InvalidGrant = apierrors.Forbidden.WithReason("InvalidGrant")
// JWKSHandlerLogger is the package-level logger created with the name
// "handler-jwks"; presumably used by JWKSHandler — confirm at the call sites.
var JWKSHandlerLogger = slogutil.NewLogger("handler-jwks")
// RevokeHandlerLogger is the package-level logger created with the name
// "handler-revoke"; presumably used by RevokeHandler — confirm at the call
// sites.
// NOTE(review): revocation requests carry the token being revoked; log
// records written through this logger should not include the token value.
var RevokeHandlerLogger = slogutil.NewLogger("handler-revoke")
// TokenHandlerLogger is the package-level logger created with the name
// "handler-token"; presumably used by TokenHandler — confirm at the call
// sites.
// NOTE(review): token requests and responses carry credentials (codes,
// secrets, tokens); log records written through this logger should not
// include those values.
var TokenHandlerLogger = slogutil.NewLogger("handler-token")
// UserInfoHandlerLogger is the package-level logger created with the name
// "handler-user-info"; presumably used by UserInfoHandler — confirm at the
// call sites.
var UserInfoHandlerLogger = slogutil.NewLogger("handler-user-info")

Functions

func ConfigureAppSessionTokenRoute

func ConfigureAppSessionTokenRoute(route httproute.Route) httproute.Route

func ConfigureAuthorizeRoute

func ConfigureAuthorizeRoute(route httproute.Route) httproute.Route

func ConfigureChallengeRoute

func ConfigureChallengeRoute(route httproute.Route) httproute.Route

func ConfigureConsentRoute

func ConfigureConsentRoute(route httproute.Route) httproute.Route

func ConfigureEndSessionRoute

func ConfigureEndSessionRoute(route httproute.Route) httproute.Route

func ConfigureJWKSRoute

func ConfigureJWKSRoute(route httproute.Route) httproute.Route

func ConfigureOAuthMetadataRoute

func ConfigureOAuthMetadataRoute(route httproute.Route) httproute.Route

func ConfigureOIDCMetadataRoute

func ConfigureOIDCMetadataRoute(route httproute.Route) httproute.Route

func ConfigureProxyRedirectRoute

func ConfigureProxyRedirectRoute(route httproute.Route) httproute.Route

func ConfigureRevokeRoute

func ConfigureRevokeRoute(route httproute.Route) httproute.Route

func ConfigureTokenRoute

func ConfigureTokenRoute(route httproute.Route) httproute.Route

func ConfigureUserInfoRoute

func ConfigureUserInfoRoute(route httproute.Route) httproute.Route

Types

type AppSessionTokenHandler

// AppSessionTokenHandler is an HTTP handler (it has a ServeHTTP method) that
// holds a database handle and an AppSessionTokenIssuer.
type AppSessionTokenHandler struct {
	// Database is the application database handle.
	// presumably used to wrap the issue operation in a transaction — confirm.
	Database         *appdb.Handle
	// AppSessionTokens issues an app session token from a refresh token.
	AppSessionTokens AppSessionTokenIssuer
}

func (*AppSessionTokenHandler) Handle

func (*AppSessionTokenHandler) ServeHTTP

func (h *AppSessionTokenHandler) ServeHTTP(resp http.ResponseWriter, req *http.Request)

type AppSessionTokenIssuer

// AppSessionTokenIssuer is the dependency AppSessionTokenHandler uses to turn
// a refresh token into an app session token.
type AppSessionTokenIssuer interface {
	// IssueAppSessionToken takes a refresh token string and returns a string,
	// an *oauth.AppSessionToken and an error.
	// presumably the string is the encoded token handed to the client and the
	// struct is its stored record — confirm against the implementation.
	// NOTE(review): nothing in this signature shows where the refresh token
	// is checked for expiry or revocation; that has to be the implementation's
	// responsibility.
	IssueAppSessionToken(ctx context.Context, refreshToken string) (string, *oauth.AppSessionToken, error)
}

type AppSessionTokenRequest

// AppSessionTokenRequest is the decoded JSON request body; its single field
// maps to the "refresh_token" property required by
// AppSessionTokenAPIRequestSchema.
type AppSessionTokenRequest struct {
	// RefreshToken is a bearer credential; avoid printing the struct with
	// %v / %+v in logs or errors.
	RefreshToken string `json:"refresh_token"`
}

type AppSessionTokenResponse

// AppSessionTokenResponse is the JSON response body; its fields map to the
// "app_session_token" and "expire_at" properties of
// AppSessionTokenAPIResponseSchema.
type AppSessionTokenResponse struct {
	// AppSessionToken is the issued token value (a credential).
	AppSessionToken string    `json:"app_session_token"`
	// ExpireAt is serialized as "expire_at".
	// presumably the instant after which the token is no longer accepted —
	// confirm where expiry is enforced.
	ExpireAt        time.Time `json:"expire_at"`
}

type AuthorizeHandler

// AuthorizeHandler is an HTTP handler (it has a ServeHTTP method) that wraps
// a ProtocolAuthorizeHandler.
// NOTE(review): ProtocolAuthorizeHandler is not declared in the listing shown
// here, so what validation it performs on the authorization request
// (client, redirect URI, scopes) cannot be confirmed from this page.
type AuthorizeHandler struct {
	AuthzHandler ProtocolAuthorizeHandler
}

func (*AuthorizeHandler) ServeHTTP

func (h *AuthorizeHandler) ServeHTTP(rw http.ResponseWriter, r *http.Request)

type ChallengeHandler

// ChallengeHandler is an HTTP handler (it has a ServeHTTP method) that holds
// a database handle and a ChallengeProvider. Its operation annotation
// documents it as POST /challenge, which obtains a new single-use challenge
// for challenge-based OAuth authentication.
type ChallengeHandler struct {
	// Database is the application database handle.
	Database   *appdb.Handle
	// Challenges creates a challenge for a given purpose.
	Challenges ChallengeProvider
}

@Operation POST /challenge - Obtain new challenge

Obtain a new challenge for challenge-based OAuth authentication.
Challenges can be used once only.

@Tag User

@RequestBody
	Describe purpose of the challenge.
	@JSONSchema {OAuthChallengeRequest}

@Response 200
	Created challenge information.
	@JSONSchema {OAuthChallengeResponse}

func (*ChallengeHandler) Handle

func (*ChallengeHandler) ServeHTTP

func (h *ChallengeHandler) ServeHTTP(resp http.ResponseWriter, req *http.Request)

type ChallengeProvider

// ChallengeProvider is the dependency ChallengeHandler uses to create
// challenges.
type ChallengeProvider interface {
	// Create returns a new challenge for the given purpose, or an error.
	// NOTE(review): the handler documentation states challenges are
	// single-use; the consume/invalidate step is not part of this interface,
	// so confirm where replay is prevented.
	Create(ctx context.Context, purpose challenge.Purpose) (*challenge.Challenge, error)
}

type ChallengeRequest

// ChallengeRequest is the decoded JSON request body for a challenge request;
// its single field maps to the "purpose" property required by
// ChallengeAPIRequestSchema. The type also has a Validate method.
type ChallengeRequest struct {
	// Purpose is caller-supplied; the JSON schema only requires a string.
	Purpose challenge.Purpose `json:"purpose"`
}

func (*ChallengeRequest) Validate

func (p *ChallengeRequest) Validate(ctx context.Context, validationCtx *validation.Context)

type ChallengeResponse

// ChallengeResponse is the JSON response body for a created challenge; its
// fields map to the "token" and "expire_at" properties of
// ChallengeAPIResponseSchema.
type ChallengeResponse struct {
	// Token is the challenge value returned to the caller.
	Token    string    `json:"token"`
	// ExpireAt is serialized as "expire_at".
	ExpireAt time.Time `json:"expire_at"`
}

type ConsentHandler

// ConsentHandler is an HTTP handler (it has a ServeHTTP method) for the
// consent step. It combines the protocol-level consent logic with the
// services needed to render a consent page.
type ConsentHandler struct {
	// Database is the application database handle.
	Database      *appdb.Handle
	// Handler implements the three consent outcomes declared on
	// ProtocolConsentHandler (without user consent, with consent, cancel).
	Handler       ProtocolConsentHandler
	BaseViewModel *viewmodels.BaseViewModeler
	// Renderer writes the HTML response.
	Renderer      Renderer
	// Identities lists a user's identities.
	Identities    ProtocolIdentityService
	// Users loads a user by ID for a given access-control role.
	Users         ConsentUserService
}

func (*ConsentHandler) ServeHTTP

func (h *ConsentHandler) ServeHTTP(rw http.ResponseWriter, r *http.Request)

type ConsentUserService

// ConsentUserService is the user lookup dependency of ConsentHandler.
type ConsentUserService interface {
	// Get returns the user with the given ID as seen by the given role.
	// NOTE(review): the role argument presumably controls which user
	// attributes are returned; confirm the consent page requests the least
	// privileged role that still renders the profile.
	Get(ctx context.Context, userID string, role accesscontrol.Role) (*model.User, error)
}

type ConsentViewModel

// ConsentViewModel is the data passed to the consent page template: the
// requesting client's display details, the requested scopes, and the current
// user's identity and profile.
//
// NOTE(review): ClientName, ClientPolicyURI and ClientTOSURI presumably come
// from client configuration. If clients can be registered by third parties,
// these are attacker-influenced strings shown on a trust decision screen:
// the template should escape them and the URIs should be limited to
// http/https before being rendered as links — confirm in the template.
type ConsentViewModel struct {
	ClientName          string
	ClientPolicyURI     string
	ClientTOSURI        string
	// Scopes is the list of scopes shown to the user.
	Scopes              []string
	IdentityDisplayName string
	UserProfile         webapp.UserProfile
}

type EndSessionHandler

// EndSessionHandler is an HTTP handler (it has a ServeHTTP method) that
// delegates to a ProtocolEndSessionHandler.
type EndSessionHandler struct {
	// Database is the application database handle.
	Database          *appdb.Handle
	// EndSessionHandler performs the protocol-level end-session logic.
	EndSessionHandler ProtocolEndSessionHandler
}

func (*EndSessionHandler) ServeHTTP

func (h *EndSessionHandler) ServeHTTP(rw http.ResponseWriter, r *http.Request)

type JWKSHandler

// JWKSHandler is an HTTP handler (it has a ServeHTTP method) that serves key
// material obtained from a JWSSource.
type JWKSHandler struct {
	// JWKS supplies the public key set.
	JWKS JWSSource
}

func (*JWKSHandler) ServeHTTP

func (h *JWKSHandler) ServeHTTP(rw http.ResponseWriter, r *http.Request)

type JWSSource

// JWSSource is the key-set dependency of JWKSHandler.
type JWSSource interface {
	// GetPublicKeySet returns a jwk.Set or an error.
	// NOTE(review): the name promises public keys only. Because the result is
	// presumably published by JWKSHandler, implementations must strip private
	// key parameters before returning — confirm in each implementation.
	GetPublicKeySet() (jwk.Set, error)
}

type MetadataHandler

// MetadataHandler is an HTTP handler (it has a ServeHTTP method) backed by a
// list of metadata providers.
// presumably each provider is asked in order to fill one shared map that is
// then served as the discovery document — confirm in ServeHTTP.
type MetadataHandler struct {
	Providers []MetadataProvider
}

func (*MetadataHandler) ServeHTTP

func (h *MetadataHandler) ServeHTTP(rw http.ResponseWriter, r *http.Request)

type MetadataProvider

// MetadataProvider contributes entries to a metadata document.
type MetadataProvider interface {
	// PopulateMetadata writes into the caller-supplied map; it returns
	// nothing, so it cannot report failure.
	// NOTE(review): providers share one map, so a later provider can
	// overwrite a key set by an earlier one (for example an endpoint URL) —
	// confirm key ownership between providers.
	PopulateMetadata(meta map[string]interface{})
}

type OAuthClientResolver

// OAuthClientResolver looks up OAuth client configuration by client ID.
type OAuthClientResolver interface {
	// ResolveClient returns the configuration for clientID.
	// NOTE(review): there is no error return, so an unknown client ID is
	// presumably signalled by a nil pointer; callers must nil-check before
	// use and treat nil as "unknown client" — confirm.
	ResolveClient(clientID string) *config.OAuthClientConfig
}

type ProtocolConsentHandler

// ProtocolConsentHandler is the protocol-level dependency of ConsentHandler.
// It exposes one method per consent outcome.
type ProtocolConsentHandler interface {
	// HandleConsentWithoutUserConsent returns a result and, additionally, an
	// *oauthhandler.ConsentRequired value.
	// presumably a non-nil ConsentRequired means the consent page must be
	// shown instead of completing immediately — confirm against the caller.
	HandleConsentWithoutUserConsent(ctx context.Context, req *http.Request) (httputil.Result, *oauthhandler.ConsentRequired)
	// HandleConsentWithUserConsent handles the request after the user agreed.
	// NOTE(review): this is a state-changing action taken on the user's
	// behalf; confirm the route is protected against cross-site request
	// forgery.
	HandleConsentWithUserConsent(ctx context.Context, req *http.Request) httputil.Result
	// HandleConsentWithUserCancel handles the request after the user declined.
	HandleConsentWithUserCancel(ctx context.Context, req *http.Request) httputil.Result
}

type ProtocolEndSessionHandler

// ProtocolEndSessionHandler is the protocol-level dependency of
// EndSessionHandler.
type ProtocolEndSessionHandler interface {
	// Handle processes an end-session request for the resolved session s and
	// writes to w; it returns an error on failure.
	// NOTE(review): whether s may be nil (no active session) is not visible
	// here. Any redirect target carried by endSessionRequest should be
	// matched against the client's registered URIs by the implementation —
	// confirm.
	Handle(ctx context.Context, s session.ResolvedSession, endSessionRequest protocol.EndSessionRequest, r *http.Request, w http.ResponseWriter) error
}

type ProtocolIdentityService

// ProtocolIdentityService is the identity lookup dependency of
// ConsentHandler.
type ProtocolIdentityService interface {
	// ListByUser returns the identities that belong to userID, or an error.
	ListByUser(ctx context.Context, userID string) ([]*identity.Info, error)
}

type ProtocolProxyRedirectHandler

// ProtocolProxyRedirectHandler is the protocol-level dependency of
// ProxyRedirectHandler.
type ProtocolProxyRedirectHandler interface {
	// Validate checks a redirect URI (including its query string) and returns
	// the options used to write the response, or an error.
	// NOTE(review): this check is presumably the only thing between a
	// caller-supplied URI and an HTTP redirect. It should compare against
	// registered redirect URIs rather than prefix- or substring-match, and
	// callers must not redirect when err is non-nil — confirm both.
	Validate(redirectURIWithQuery string) (*oauth.WriteResponseOptions, error)
}

type ProtocolRevokeHandler

// ProtocolRevokeHandler is the protocol-level dependency of RevokeHandler.
type ProtocolRevokeHandler interface {
	// Handle processes a revocation request and returns an error on failure.
	// NOTE(review): RFC 7009 has the server answer 200 even when the token is
	// unknown, so that the endpoint does not reveal token validity; confirm
	// which errors returned here reach the client.
	Handle(ctx context.Context, r protocol.RevokeRequest) error
}

type ProtocolTokenHandler

// ProtocolTokenHandler is the protocol-level dependency of TokenHandler.
type ProtocolTokenHandler interface {
	// Handle processes the parsed token request r and returns the result to
	// write. It also receives the raw response writer and request.
	// presumably client authentication and grant validation happen inside
	// the implementation — not visible from this signature.
	Handle(ctx context.Context, rw http.ResponseWriter, req *http.Request, r protocol.TokenRequest) httputil.Result
}

type ProtocolUserInfoProvider

// ProtocolUserInfoProvider is the claims dependency of UserInfoHandler.
type ProtocolUserInfoProvider interface {
	// GetUserInfo returns a claims map for userID in the context of the given
	// client, or an error.
	// NOTE(review): the clientLike argument presumably limits which claims
	// are released to that client; confirm the returned map is filtered by
	// the scopes actually granted rather than returning the full profile.
	GetUserInfo(ctx context.Context, userID string, clientLike *oauth.ClientLike) (map[string]interface{}, error)
}

type ProxyRedirectHandler

// ProxyRedirectHandler is an HTTP handler (it has a ServeHTTP method) that
// delegates redirect validation to a ProtocolProxyRedirectHandler.
type ProxyRedirectHandler struct {
	// ProxyRedirectHandler validates the requested redirect URI.
	ProxyRedirectHandler ProtocolProxyRedirectHandler
}

func (*ProxyRedirectHandler) ServeHTTP

func (h *ProxyRedirectHandler) ServeHTTP(rw http.ResponseWriter, r *http.Request)

type Renderer

// Renderer is the HTML rendering dependency of ConsentHandler.
type Renderer interface {
	// RenderHTML renders tpl with data and writes the output to w. It returns
	// nothing, so rendering failures are not reported to the caller.
	// NOTE(review): data is untyped; whether values are HTML-escaped depends
	// on the template engine behind tpl — confirm it auto-escapes.
	RenderHTML(w http.ResponseWriter, r *http.Request, tpl *template.HTML, data interface{})
}

type RevokeHandler

// RevokeHandler is an HTTP handler (it has a ServeHTTP method) that delegates
// to a ProtocolRevokeHandler.
type RevokeHandler struct {
	// Database is the application database handle.
	Database      *appdb.Handle
	// RevokeHandler performs the protocol-level revocation.
	RevokeHandler ProtocolRevokeHandler
}

func (*RevokeHandler) ServeHTTP

func (h *RevokeHandler) ServeHTTP(rw http.ResponseWriter, r *http.Request)

type TokenHandler

// TokenHandler is an HTTP handler (it has a ServeHTTP method) that delegates
// to a ProtocolTokenHandler.
type TokenHandler struct {
	// Database is the application database handle.
	Database     *appdb.Handle
	// TokenHandler performs the protocol-level token request handling.
	TokenHandler ProtocolTokenHandler
}

func (*TokenHandler) ServeHTTP

func (h *TokenHandler) ServeHTTP(rw http.ResponseWriter, r *http.Request)

type UserInfoHandler

// UserInfoHandler is an HTTP handler (it has a ServeHTTP method) that serves
// user claims obtained from a ProtocolUserInfoProvider.
type UserInfoHandler struct {
	// Database is the application database handle.
	Database            *appdb.Handle
	// UserInfoProvider builds the claims map for a user and client.
	UserInfoProvider    ProtocolUserInfoProvider
	// OAuth is the OAuth configuration.
	OAuth               *config.OAuthConfig
	// OAuthClientResolver maps a client ID to its configuration.
	// NOTE(review): ResolveClient has no error return; confirm ServeHTTP
	// handles an unresolved client before calling UserInfoProvider.
	OAuthClientResolver OAuthClientResolver
}

func (*UserInfoHandler) ServeHTTP

func (h *UserInfoHandler) ServeHTTP(rw http.ResponseWriter, r *http.Request)
