Why Go
- Case Studies
  
  Common problems companies solve with Go
- Use Cases
  
  Stories about how and why companies use Go
- Security
  
  How Go can help keep you secure by default
Learn
Docs
- Effective Go
  
  Tips for writing clear, performant, and idiomatic Go code
- Go User Manual
  
  A complete introduction to building software with Go
- Standard library
  
  Reference documentation for Go's standard library
- Release Notes
  
  Learn what's new in each Go release
Packages
Community
- Recorded Talks
  
  Videos from prior events
- Meetups
  
  Meet other local Go developers
- Conferences
  
  Learn and network with Go developers from around the world
- Go blog
  
  The Go project's official blog.
- Go project
  
  Get help and stay informed from Go
- Get connected

token

package

Go to main page

Versions in this module

v0

v0.2.0

Mar 8, 2026

Changes in this version

+ const TokenBytes

+ type Capabilities struct

+ CanAccessUI bool

+ CanActOnBehalf bool

+ CanBypassRLS bool

+ CanDelegate bool

+ CanManageProfile bool

+ CanRequestOffline bool

+ RequiresApproval bool

+ type DefaultService struct

+ func (s *DefaultService) GetCapabilitiesForType(principalType principal.Type) Capabilities

+ func (s *DefaultService) Issue(ctx context.Context, input IssueInput) (*IssuedToken, error)

+ func (s *DefaultService) ListForPrincipal(ctx context.Context, principalID uuid.UUID) ([]*Token, error)

+ func (s *DefaultService) Refresh(ctx context.Context, input RefreshInput) (*IssuedToken, error)

+ func (s *DefaultService) Revoke(ctx context.Context, tokenID uuid.UUID, revokeFamily bool, reason string) error

+ func (s *DefaultService) RevokeAllForPrincipal(ctx context.Context, principalID uuid.UUID, reason string) error

+ func (s *DefaultService) RevokeBySignature(ctx context.Context, accessTokenSignature string, revokeFamily bool, ...) error

+ func (s *DefaultService) Validate(ctx context.Context, accessToken string) (*Token, error)

+ type IssueInput struct

+ AccessTTL time.Duration

+ Audience []string

+ Capabilities map[string]bool

+ ClientIP string

+ DPoPJKT string

+ DelegationChain []string

+ IssuedByAppID *uuid.UUID

+ ParentTokenID *uuid.UUID

+ PrincipalID uuid.UUID

+ PrincipalType principal.Type

+ RefreshTTL time.Duration

+ Scopes []string

+ SessionID string

+ UserAgent string

+ type IssuedToken struct

+ AccessToken string

+ ExpiresIn int

+ RefreshToken string

+ Token *Token

+ TokenType string

+ type RefreshInput struct

+ ClientIP string

+ DPoPJKT string

+ RefreshToken string

+ Scopes []string

+ UserAgent string

+ type Service interface

+ GetCapabilitiesForType func(principalType principal.Type) Capabilities

+ Issue func(ctx context.Context, input IssueInput) (*IssuedToken, error)

+ ListForPrincipal func(ctx context.Context, principalID uuid.UUID) ([]*Token, error)

+ Refresh func(ctx context.Context, input RefreshInput) (*IssuedToken, error)

+ Revoke func(ctx context.Context, tokenID uuid.UUID, revokeFamily bool, reason string) error

+ RevokeAllForPrincipal func(ctx context.Context, principalID uuid.UUID, reason string) error

+ RevokeBySignature func(ctx context.Context, accessTokenSignature string, revokeFamily bool, ...) error

+ Validate func(ctx context.Context, accessToken string) (*Token, error)

+ func NewService(client *ent.Client) Service

+ type Token struct

+ AccessExpiresAt time.Time

+ Audience []string

+ Capabilities map[string]bool

+ ClientIP string

+ CreatedAt time.Time

+ DPoPJKT string

+ DelegationChain []string

+ FamilyID uuid.UUID

+ ID uuid.UUID

+ IssuedByAppID *uuid.UUID

+ LastUsedAt *time.Time

+ ParentTokenID *uuid.UUID

+ PrincipalID uuid.UUID

+ PrincipalType principal.Type

+ RefreshExpiresAt *time.Time

+ Revoked bool

+ RevokedAt *time.Time

+ RevokedReason string

+ Scopes []string

+ SessionID string

+ UserAgent string