Documentation
¶
Overview ¶
Package client provides an OAuth PKCE client for local authentication.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Client ¶
type Client interface {
// Login performs the OAuth PKCE flow and returns tokens.
Login(ctx context.Context) (*Tokens, error)
// Refresh refreshes an access token using a refresh token.
Refresh(ctx context.Context, refreshToken string) (*Tokens, error)
}
Client handles OAuth PKCE authentication flow.
type Config ¶
type Config struct {
// IssuerURL is the OIDC issuer URL (e.g., https://dex.example.com).
IssuerURL string
// ClientID is the OAuth client ID.
ClientID string
// Resource is the OAuth protected resource to request tokens for.
// Defaults to IssuerURL when omitted.
Resource string
// RedirectPort is the local port for the callback server.
RedirectPort int
// Scopes are the OAuth scopes to request.
Scopes []string
// Headless uses the device authorization flow (RFC 8628) instead of
// the local callback server. Use for SSH or headless environments.
Headless bool
}
Config configures the OAuth client.
type OIDCConfig ¶
type OIDCConfig struct {
Issuer string `json:"issuer"`
AuthorizationEndpoint string `json:"authorization_endpoint"`
TokenEndpoint string `json:"token_endpoint"`
DeviceAuthorizationEndpoint string `json:"device_authorization_endpoint"`
JwksURI string `json:"jwks_uri"`
ScopesSupported []string `json:"scopes_supported"`
}
OIDCConfig contains OIDC discovery configuration.
Source Files
Click to show internal directories.
Click to hide internal directories.