auth

package
v1.15.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 15, 2026 License: BSD-3-Clause Imports: 2 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AutoLoginConfig 

type AutoLoginConfig struct {
	Enabled  bool   `json:"enabled" doc:"Whether auto-login is enabled"`
	Username string `json:"username" doc:"Username for auto-login (only returned if enabled)"`
}

AutoLoginConfig represents the auto-login configuration for the frontend. Password is intentionally excluded from this response.

type Login 

type Login struct {
	Username string `json:"username" minLength:"1" maxLength:"255" doc:"Username of the user" example:"admin"`
	Password string `json:"password" minLength:"1" doc:"Password of the user"`
}

Login represents the login request body.

type LoginResponse 

type LoginResponse struct {
	Token        string    `json:"token" doc:"JWT access token"`
	RefreshToken string    `json:"refreshToken" doc:"Refresh token for obtaining new access tokens"`
	ExpiresAt    time.Time `json:"expiresAt" doc:"Expiration time of the access token"`
	User         user.User `json:"user" doc:"Authenticated user information"`
}

LoginResponse represents the successful login response data.

type OidcAuthUrlRequest 

type OidcAuthUrlRequest struct {
	// RedirectUri is the URI to redirect to after successful authentication.
	//
	// Required: true
	RedirectUri string `json:"redirectUri"`
}

OidcAuthUrlRequest is used to request an OIDC authorization URL.

type OidcAuthUrlResponse 

type OidcAuthUrlResponse struct {
	// AuthUrl is the URL to redirect the user to for OIDC authentication.
	//
	// Required: true
	AuthUrl string `json:"authUrl"`
}

OidcAuthUrlResponse contains the generated OIDC authorization URL.

type OidcCallbackRequest 

type OidcCallbackRequest struct {
	// Code is the authorization code from the OIDC provider.
	//
	// Required: true
	Code string `json:"code"`

	// State is the state parameter from the OIDC provider for CSRF protection.
	//
	// Required: true
	State string `json:"state"`
}

OidcCallbackRequest contains the OIDC callback parameters.

type OidcCallbackResponse 

type OidcCallbackResponse struct {
	// Success indicates if the authentication was successful.
	//
	// Required: true
	Success bool `json:"success"`

	// Token is the JWT access token.
	//
	// Required: true
	Token string `json:"token"`

	// RefreshToken is the refresh token for obtaining new access tokens.
	//
	// Required: true
	RefreshToken string `json:"refreshToken"`

	// ExpiresAt is the expiration time of the access token.
	//
	// Required: true
	ExpiresAt time.Time `json:"expiresAt"`

	// User contains the authenticated user information.
	//
	// Required: true
	User user.User `json:"user"`
}

OidcCallbackResponse contains the response from OIDC callback processing.

type OidcConfigResponse 

type OidcConfigResponse struct {
	// ClientID is the OAuth 2.0 client identifier.
	//
	// Required: true
	ClientID string `json:"clientId"`

	// RedirectUri is the URI to redirect to after authentication.
	//
	// Required: true
	RedirectUri string `json:"redirectUri"`

	// IssuerUrl is the OIDC provider's issuer URL.
	//
	// Required: true
	IssuerUrl string `json:"issuerUrl"`

	// AuthorizationEndpoint is the URL of the authorization endpoint.
	//
	// Required: true
	AuthorizationEndpoint string `json:"authorizationEndpoint"`

	// TokenEndpoint is the URL of the token endpoint.
	//
	// Required: true
	TokenEndpoint string `json:"tokenEndpoint"`

	// UserinfoEndpoint is the URL of the userinfo endpoint.
	//
	// Required: true
	UserinfoEndpoint string `json:"userinfoEndpoint"`

	// DeviceAuthorizationEndpoint is the URL of the device authorization endpoint.
	//
	// Required: false
	DeviceAuthorizationEndpoint string `json:"deviceAuthorizationEndpoint,omitempty"`

	// Scopes is the space-separated list of OAuth scopes requested.
	//
	// Required: true
	Scopes string `json:"scopes"`
}

OidcConfigResponse contains the OIDC client configuration.

type OidcDeviceAuthRequest 

type OidcDeviceAuthRequest struct {
	// RedirectUri is optional and kept for consistency with other auth flows.
	//
	// Required: false
	RedirectUri string `json:"redirectUri,omitempty"`
}

OidcDeviceAuthRequest is used to request a device authorization code.

type OidcDeviceAuthResponse 

type OidcDeviceAuthResponse struct {
	// DeviceCode is the device verification code.
	//
	// Required: true
	DeviceCode string `json:"deviceCode"`

	// UserCode is the end-user verification code.
	//
	// Required: true
	UserCode string `json:"userCode"`

	// VerificationUri is the end-user verification URI.
	//
	// Required: true
	VerificationUri string `json:"verificationUri"`

	// VerificationUriComplete is the end-user verification URI with user code included.
	//
	// Required: false
	VerificationUriComplete string `json:"verificationUriComplete,omitempty"`

	// ExpiresIn is the lifetime of the device_code and user_code in seconds.
	//
	// Required: true
	ExpiresIn int `json:"expiresIn"`

	// Interval is the minimum polling interval in seconds.
	//
	// Required: false
	Interval int `json:"interval,omitempty"`
}

OidcDeviceAuthResponse contains the device authorization response.

type OidcDeviceTokenRequest 

type OidcDeviceTokenRequest struct {
	// DeviceCode is the device verification code from the authorization response.
	//
	// Required: true
	DeviceCode string `json:"deviceCode"`
}

OidcDeviceTokenRequest is used to exchange a device code for tokens.

type OidcDeviceTokenResponse 

type OidcDeviceTokenResponse struct {
	// Success indicates if the authentication was successful.
	//
	// Required: true
	Success bool `json:"success"`

	// Token is the JWT access token.
	//
	// Required: true
	Token string `json:"token"`

	// RefreshToken is the refresh token for obtaining new access tokens.
	//
	// Required: true
	RefreshToken string `json:"refreshToken"`

	// ExpiresAt is the expiration time of the access token.
	//
	// Required: true
	ExpiresAt time.Time `json:"expiresAt"`

	// User contains the authenticated user information.
	//
	// Required: true
	User user.User `json:"user"`
}

OidcDeviceTokenResponse contains the response from device token exchange.

type OidcStatusInfo 

type OidcStatusInfo struct {
	// EnvForced indicates if OIDC is forced via environment configuration.
	//
	// Required: true
	EnvForced bool `json:"envForced"`

	// EnvConfigured indicates if OIDC is configured via environment variables.
	//
	// Required: true
	EnvConfigured bool `json:"envConfigured"`

	// MergeAccounts indicates if accounts should be merged when using OIDC.
	//
	// Required: true
	MergeAccounts bool `json:"mergeAccounts"`

	// ProviderName is the custom display name for the OIDC provider.
	//
	// Required: false
	ProviderName string `json:"providerName,omitempty"`

	// ProviderLogoUrl is the custom logo URL for the OIDC provider.
	//
	// Required: false
	ProviderLogoUrl string `json:"providerLogoUrl,omitempty"`
}

OidcStatusInfo represents the status of OIDC configuration and usage.

type OidcTokenResponse 

type OidcTokenResponse struct {
	// AccessToken is the OAuth 2.0 access token.
	//
	// Required: true
	AccessToken string `json:"access_token"`

	// TokenType specifies the type of the access token (typically "Bearer").
	//
	// Required: true
	TokenType string `json:"token_type"`

	// RefreshToken is the OAuth 2.0 refresh token.
	//
	// Required: false
	RefreshToken string `json:"refresh_token,omitempty"`

	// ExpiresIn is the lifetime of the access token in seconds.
	//
	// Required: false
	ExpiresIn int `json:"expires_in,omitempty"`

	// IDToken is the OpenID Connect ID token.
	//
	// Required: false
	IDToken string `json:"id_token,omitempty"`
}

OidcTokenResponse represents the response from an OIDC token endpoint.

type OidcUserInfo 

type OidcUserInfo struct {
	// Subject is the unique identifier for the user at the OIDC provider.
	//
	// Required: true
	Subject string `json:"sub"`

	// Name is the full name of the user.
	//
	// Required: false
	Name string `json:"name,omitempty"`

	// Email is the email address of the user.
	//
	// Required: false
	Email string `json:"email,omitempty"`

	// EmailVerified indicates if the user's email has been verified.
	//
	// Required: false
	EmailVerified bool `json:"email_verified,omitempty"`

	// PreferredUsername is the user's preferred username.
	//
	// Required: false
	PreferredUsername string `json:"preferred_username,omitempty"`

	// GivenName is the user's given name (first name).
	//
	// Required: false
	GivenName string `json:"given_name,omitempty"`

	// FamilyName is the user's family name (last name).
	//
	// Required: false
	FamilyName string `json:"family_name,omitempty"`

	// Admin indicates if the user is an administrator.
	//
	// Required: false
	Admin bool `json:"admin,omitempty"`

	// Roles is a list of roles assigned to the user.
	//
	// Required: false
	Roles []string `json:"roles,omitempty"`

	// Groups is a list of groups the user belongs to.
	//
	// Required: false
	Groups []string `json:"groups,omitempty"`

	// Extra contains additional claims from the userinfo endpoint that are not
	// part of the standard OIDC claims. This field is not serialized to JSON.
	//
	// Required: false
	Extra map[string]any `json:"-"`
}

OidcUserInfo represents user information retrieved from an OIDC provider.

type PasswordChange 

type PasswordChange struct {
	CurrentPassword string `json:"currentPassword,omitempty" doc:"Current password of the user (required for non-OIDC users)"`
	NewPassword     string `json:"newPassword" minLength:"8" doc:"New password for the user"`
}

PasswordChange represents the password change request body.

type Refresh 

type Refresh struct {
	RefreshToken string `json:"refreshToken" minLength:"1" doc:"Refresh token used to obtain a new access token"`
}

Refresh represents the token refresh request body.

type TokenRefreshResponse 

type TokenRefreshResponse struct {
	Token        string    `json:"token" doc:"New JWT access token"`
	RefreshToken string    `json:"refreshToken" doc:"New refresh token"`
	ExpiresAt    time.Time `json:"expiresAt" doc:"Expiration time of the new access token"`
}

TokenRefreshResponse represents the successful token refresh response data.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.