auth

package
v0.5.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 21, 2026 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

View Source
const PlaceholderRedirectURI = "http://127.0.0.1:12345/callback"

PlaceholderRedirectURI is a fixed redirect URI used in the login flow. No real callback server is needed since the CLI calls the login API directly.

Variables

This section is empty.

Functions

func BuildAuthorizeURL

func BuildAuthorizeURL(serverURL, redirectURI, state, challenge string) string

BuildAuthorizeURL constructs the authorization URL with PKCE and state parameters.

func ExchangeSetupToken added in v0.2.0

func ExchangeSetupToken(ctx context.Context, exchangeURL, setupToken string) (string, error)

ExchangeSetupToken exchanges a setup token (fst_...) for an API key (flk_...). The endpoint requires no authentication — the setup token itself is the credential.

func GeneratePKCE

func GeneratePKCE() (verifier, challenge string, err error)

GeneratePKCE creates a code_verifier and its S256 code_challenge.

func GenerateState

func GenerateState() (string, error)

GenerateState creates a random state parameter for CSRF protection.

func OpenBrowser

func OpenBrowser(url string) error

OpenBrowser opens the given URL in the default browser.

func SetDebug added in v0.2.0

func SetDebug(enabled bool)

SetDebug enables debug logging on the auth HTTP client.

func StartCallbackServer

func StartCallbackServer(ctx context.Context) (port int, resultCh <-chan CallbackResult, err error)

StartCallbackServer starts a localhost HTTP server that listens for the OAuth callback. It returns the port the server is listening on and a channel that will receive the authorization code. The server shuts down after receiving the callback or when the context is cancelled.

Types

type CallbackResult

type CallbackResult struct {
	Code  string
	State string
	Err   error
}

CallbackResult holds the code and state received from the OAuth callback.

type LoginRequest

type LoginRequest struct {
	Email               string `json:"email"`
	Password            string `json:"password"`
	ClientID            string `json:"client_id"`
	RedirectURI         string `json:"redirect_uri"`
	ResponseType        string `json:"response_type"`
	CodeChallenge       string `json:"code_challenge"`
	CodeChallengeMethod string `json:"code_challenge_method"`
	State               string `json:"state"`
}

LoginRequest is the JSON body sent to the /oauth2/login endpoint.

type LoginResponse

type LoginResponse struct {
	Code        string `json:"code"`
	RedirectURI string `json:"redirect_uri"`
	State       string `json:"state"`
}

LoginResponse is the JSON response from the /oauth2/login endpoint.

func Login

func Login(ctx context.Context, loginURL string, req *LoginRequest) (*LoginResponse, error)

Login sends credentials to the login endpoint and returns an auth code.

type TokenResponse

type TokenResponse struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`
	TokenType    string `json:"token_type"`
	ExpiresIn    int    `json:"expires_in"`
}

TokenResponse holds the tokens returned by the authorization server.

func ExchangeCode

func ExchangeCode(ctx context.Context, tokenURL, code, verifier, redirectURI string) (*TokenResponse, error)

ExchangeCode exchanges an authorization code for tokens.

func RefreshTokens

func RefreshTokens(ctx context.Context, refreshURL, refreshToken string) (*TokenResponse, error)

RefreshTokens exchanges a refresh token for a new token pair.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL