authenticator

package
v0.0.0-...-d6aaa2e Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 8, 2025 License: MIT Imports: 16 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	AuthHeader       string = "Authorization"
	AuthHeaderPrefix string = "Bearer "
)

Authorization headers constants.

View Source 
const (
	StateGenerationByteSize = 32
	StatePartCount          = 2
)

OAuth state token generation constants.

Variables

This section is empty.

Functions

This section is empty.

Types

type Authenticator 

type Authenticator struct {
	Provider     *oidc.Provider
	Config       oauth2.Config
	HMACSecret   []byte
	APIAudience  string
	ClientOrigin string
	// contains filtered or unexported fields
}

Authenticator encapsulates OAuth2 and OpenID Connect (OIDC) authentication functionality. It provides methods for user login, callback handling, token verification, and middleware for protecting routes that require authentication.

func New 

func New(ctx context.Context, domain string, opts ...Option) (*Authenticator, error)

func (*Authenticator) Exchange 

func (a *Authenticator) Exchange(ctx context.Context, code string) (*oauth2.Token, error)

Exchange allows to exchange token with provider.

func (*Authenticator) ExtractTokenFromRequest 

func (a *Authenticator) ExtractTokenFromRequest(r *http.Request) string

ExtractTokenFromRequest gets the bearer token from the Authorization header.

func (*Authenticator) GenerateState 

func (a *Authenticator) GenerateState() (string, error)

GenerateState computes the state based on HMACSecret.

func (*Authenticator) GetBaseURL 

func (a *Authenticator) GetBaseURL() (string, error)

GetBaseURL returns the auth0 provider endpoint URL.

func (*Authenticator) GetClientID 

func (a *Authenticator) GetClientID() string

GetClientID returns the OAuth's clientID.

func (*Authenticator) GetClientOrigin 

func (a *Authenticator) GetClientOrigin() string

GetClientOrigin returns the client origin that will redirect by authenticator.

func (*Authenticator) RevokeToken 

func (a *Authenticator) RevokeToken(ctx context.Context, token string) error

RevokeToken sends a request to Auth0 to revoke the token.

func (*Authenticator) VerifyAccessToken 

func (a *Authenticator) VerifyAccessToken(ctx context.Context, token *oauth2.Token) (*oidc.IDToken, error)

VerifyAccessToken verifies an access token.

func (*Authenticator) VerifyState 

func (a *Authenticator) VerifyState(s string) error

VerifyState verifies if the state is matching with expected signature.

func (*Authenticator) VerifyToken 

func (a *Authenticator) VerifyToken(ctx context.Context, token *oauth2.Token) (*oidc.IDToken, error)

VerifyToken verifies the ID token and returns the parsed token.

type Option 

type Option func(*Authenticator)

Option defines a function type to apply options to Authenticator.

func WithAPIAudience 

func WithAPIAudience(aud string) Option

WithAPIAudience sets the API audience for access token verification.

func WithClientOrigin 

func WithClientOrigin(origin string) Option

WithClientOrigin sets the client origin for CORS configuration and redirection after the verification.

func WithHMACSecret 

func WithHMACSecret(secret []byte) Option

WithHMACSecret sets the HMAC secret for state parameter verification.

func WithLogger 

func WithLogger(log *logger.Logger) Option

WithLogger sets the logger for the authenticator.

func WithOAuthConfig 

func WithOAuthConfig(clientID, clientSecret, redirectURL string) Option

WithOAuthConfig sets the OAuth2 configuration.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.