auth

package
v0.6.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 23, 2026 License: MIT Imports: 19 Imported by: 0

Documentation

Overview

Package auth provides authentication management for gpd.

Index

Constants

View Source 
const (
	// ScopeAndroidPublisher is the scope for Android Publisher API
	// Used for: publish, reviews, monetization, purchases
	ScopeAndroidPublisher = "https://www.googleapis.com/auth/androidpublisher"

	// ScopePlayReporting is the scope for Play Developer Reporting API
	// Used for: analytics, vitals
	ScopePlayReporting = "https://www.googleapis.com/auth/playdeveloperreporting"

	// ScopeGames is the scope for Play Games Services APIs
	// Used for: games management, play grouping tokens
	ScopeGames = "https://www.googleapis.com/auth/games"

	// ScopePlayIntegrity is the scope for Play Integrity API
	// Used for: integrity token decoding
	ScopePlayIntegrity = "https://www.googleapis.com/auth/playintegrity"
)

OAuth scopes required for gpd operations.

Variables

This section is empty.

Functions

This section is empty.

Types

type CheckResult 

type CheckResult struct {
	Valid       bool               `json:"valid"`
	Origin      string             `json:"origin"`
	Email       string             `json:"email,omitempty"`
	Permissions []*PermissionCheck `json:"permissions"`
}

CheckResult contains the results of permission validation.

type CredentialOrigin 

type CredentialOrigin int

CredentialOrigin indicates where credentials were obtained from. 

const (
	OriginADC CredentialOrigin = iota
	OriginKeyfile
	OriginEnvironment
	OriginOAuth
)

func (CredentialOrigin) String 

func (o CredentialOrigin) String() string

type Credentials 

type Credentials struct {
	TokenSource oauth2.TokenSource
	Origin      CredentialOrigin
	KeyPath     string // Only for keyfile origin
	Email       string // Service account email
	ClientID    string // Service account client ID
	Scopes      []string
}

Credentials holds the authenticated credentials.

type DeviceCodeFlow 

type DeviceCodeFlow struct {
	// contains filtered or unexported fields
}

func NewDeviceCodeFlow 

func NewDeviceCodeFlow(config *oauth2.Config, opts ...DeviceCodeOption) *DeviceCodeFlow

func (*DeviceCodeFlow) PollForToken 

func (f *DeviceCodeFlow) PollForToken(ctx context.Context) (*oauth2.Token, error)

func (*DeviceCodeFlow) RequestDeviceCode 

func (f *DeviceCodeFlow) RequestDeviceCode(ctx context.Context) (*DeviceCodeResponse, error)

type DeviceCodeOption 

type DeviceCodeOption func(*DeviceCodeFlow)

DeviceCodeOption is a function that configures the device code flow.

func WithBrowserOpen 

func WithBrowserOpen(open bool) DeviceCodeOption

WithBrowserOpen enables or disables automatic browser opening.

type DeviceCodeResponse 

type DeviceCodeResponse struct {
	DeviceCode              string `json:"device_code"`
	UserCode                string `json:"user_code"`
	VerificationURL         string `json:"verification_url"`
	VerificationURI         string `json:"verification_uri"`
	VerificationURLComplete string `json:"verification_uri_complete"`
	ExpiresIn               int    `json:"expires_in"`
	Interval                int    `json:"interval"`
}

type EarlyRefreshTokenSource 

type EarlyRefreshTokenSource struct {
	// contains filtered or unexported fields
}

EarlyRefreshTokenSource wraps a token source to refresh tokens early.

func (*EarlyRefreshTokenSource) Token 

func (s *EarlyRefreshTokenSource) Token() (*oauth2.Token, error)

Token returns a token, refreshing early if needed.

type Manager 

type Manager struct {
	// contains filtered or unexported fields
}

Manager handles authentication operations.

func NewManager 

func NewManager(storage SecureStorage) *Manager

NewManager creates a new authentication manager.

func (*Manager) Authenticate 

func (m *Manager) Authenticate(ctx context.Context, keyPath string) (*Credentials, error)

Authenticate attempts to obtain credentials from various sources.

func (*Manager) AuthenticateWithDeviceCode 

func (m *Manager) AuthenticateWithDeviceCode(ctx context.Context, clientID, clientSecret string, scopes []string, promptWriter io.Writer, openBrowser bool) (*Credentials, error)

func (*Manager) Clear 

func (m *Manager) Clear()

Clear clears the current credentials.

func (*Manager) GetActiveProfile 

func (m *Manager) GetActiveProfile() string

func (*Manager) GetCredentials 

func (m *Manager) GetCredentials() *Credentials

GetCredentials returns the current credentials.

func (*Manager) GetStatus 

func (m *Manager) GetStatus(ctx context.Context) (*Status, error)

GetStatus returns the current authentication status.

func (*Manager) GetTokenSource 

func (m *Manager) GetTokenSource(ctx context.Context) (oauth2.TokenSource, error)

GetTokenSource returns the current token source.

func (*Manager) ListProfiles 

func (m *Manager) ListProfiles() ([]TokenMetadata, error)

func (*Manager) LoadTokenMetadata 

func (m *Manager) LoadTokenMetadata(profile string) (*TokenMetadata, error)

func (*Manager) SetActiveProfile 

func (m *Manager) SetActiveProfile(profile string)

func (*Manager) SetStoreTokens 

func (m *Manager) SetStoreTokens(mode string)

func (*Manager) TokenLocation 

func (m *Manager) TokenLocation() string

type PermissionCheck 

type PermissionCheck struct {
	Surface   string `json:"surface"`
	HasAccess bool   `json:"hasAccess"`
	Error     string `json:"error,omitempty"`
	TestCall  string `json:"testCall"`
}

PermissionCheck represents a permission validation result.

type PersistedTokenSource 

type PersistedTokenSource struct {
	// contains filtered or unexported fields
}

func (*PersistedTokenSource) Token 

func (s *PersistedTokenSource) Token() (*oauth2.Token, error)

type SecureStorage 

type SecureStorage interface {
	Store(key string, value []byte) error
	Retrieve(key string) ([]byte, error)
	Delete(key string) error
	Available() bool
}

SecureStorage interface for platform-specific credential storage.

type Status 

type Status struct {
	Authenticated bool   `json:"authenticated"`
	Origin        string `json:"origin,omitempty"`
	Email         string `json:"email,omitempty"`
	KeyPath       string `json:"keyPath,omitempty"`
	TokenValid    bool   `json:"tokenValid"`
	TokenExpiry   string `json:"tokenExpiry,omitempty"`
}

Status represents the current authentication status.

type StoredToken 

type StoredToken struct {
	AccessToken  string   `json:"access_token"`            // #nosec G117 -- OAuth token field, required
	RefreshToken string   `json:"refresh_token,omitempty"` // #nosec G117 -- OAuth token field, required
	TokenType    string   `json:"token_type,omitempty"`
	Expiry       string   `json:"expiry"`
	Scopes       []string `json:"scopes,omitempty"`
	Origin       string   `json:"origin,omitempty"`
	Email        string   `json:"email,omitempty"`
	KeyPath      string   `json:"keyPath,omitempty"`
	ClientID     string   `json:"clientId,omitempty"`
}

type TokenMetadata 

type TokenMetadata struct {
	Profile       string   `json:"profile"`
	ClientIDHash  string   `json:"clientIdHash"`
	ClientIDLast4 string   `json:"clientIdLast4,omitempty"`
	Origin        string   `json:"origin"`
	Email         string   `json:"email,omitempty"`
	Scopes        []string `json:"scopes,omitempty"`
	TokenExpiry   string   `json:"tokenExpiry,omitempty"`
	UpdatedAt     string   `json:"updatedAt"`
}

type TokenResponse 

type TokenResponse struct {
	AccessToken  string `json:"access_token"`  // #nosec G117 -- OAuth token field, required
	RefreshToken string `json:"refresh_token"` // #nosec G117 -- OAuth token field, required
	ExpiresIn    int    `json:"expires_in"`
	TokenType    string `json:"token_type"`
	Scope        string `json:"scope"`
	Error        string `json:"error,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.