oauth2

package
v0.0.0-...-d9d5b18 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 27, 2026 License: MIT Imports: 10 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrBadAuthenticationFormat = errors.New("bad authentication format")
	ErrTokenExpired            = errors.New("token expired")
	ErrBadTypeForUserData      = errors.New("bad type for user data")
)
View Source 
var (
	ErrClientNotFound    = errors.New("oauth2 client not found")
	ErrAccessNotFound    = errors.New("oauth2 access token not found")
	ErrRefreshNotFound   = errors.New("oauth2 refresh token not found")
	ErrAuthorizeNotFound = errors.New("oauth2 authorize code not found")
	ErrUserNotFound      = errors.New("oauth2 user not found")
)

Functions

func AccessTokenToContext 

func AccessTokenToContext(ctx context.Context, access *AccessInfo) context.Context

AccessTokenToContext returns new context with Access Token info.

func ClientToContext 

func ClientToContext(ctx context.Context, client Client) context.Context

ClientToContext returns new context with Client.

Types

type AccessInfo 

type AccessInfo struct {
	// Client information
	Client Client

	// Authorize data, for authorization code
	AuthorizeData *AuthorizeInfo

	// Previous access data, for refresh token
	AccessInfo *AccessInfo

	// Access token
	AccessToken string

	// Refresh Token. Can be blank
	RefreshToken string

	// Token expiration in seconds
	ExpiresIn int32

	// Requested scope
	Scope string

	// Redirect URI from request
	RedirectURI string

	// Date created
	CreatedAt time.Time

	// Data to be passed to storage. Not used by the library.
	UserData interface{}
}

AccessInfo represents an access grant (tokens, expiration, client, etc).

func AccessTokenFromContext 

func AccessTokenFromContext(ctx context.Context) *AccessInfo

AccessTokenFromContext returns the Access Token info associated with the ctx.

func (*AccessInfo) ExpireAt 

func (i *AccessInfo) ExpireAt() time.Time

ExpireAt returns the expiration date.

func (*AccessInfo) IsExpired 

func (i *AccessInfo) IsExpired() bool

IsExpired returns true if access expired.

func (*AccessInfo) IsExpiredAt 

func (i *AccessInfo) IsExpiredAt(t time.Time) bool

IsExpiredAt returns true if access expires at time 't'.

type AccessProvider 

type AccessProvider interface {
	SaveAccess(*AccessInfo) error
	LoadAccess(token string) (*AccessInfo, error)
	RemoveAccess(token string) error
}

type AccessToken 

type AccessToken interface {
	GetClient() Client
	GetToken() string
	IsExpired() bool
	GetUserID() string
}

type AuthorizeInfo 

type AuthorizeInfo struct {
	// Client information
	Client Client

	// Authorization code
	Code string

	// Token expiration in seconds
	ExpiresIn int32

	// Requested scope
	Scope string

	// Redirect Uri from request
	RedirectURI string

	// State data from request
	State string

	// Date created
	CreatedAt time.Time

	// Data to be passed to storage. Not used by the library.
	UserData interface{}

	// Optional code_challenge as described in rfc7636
	CodeChallenge string

	// Optional code_challenge_method as described in rfc7636
	CodeChallengeMethod string
}

AuthorizeInfo info.

func (*AuthorizeInfo) ExpireAt 

func (i *AuthorizeInfo) ExpireAt() time.Time

ExpireAt returns the expiration date.

func (*AuthorizeInfo) IsExpired 

func (i *AuthorizeInfo) IsExpired() bool

IsExpired is true if authorization expired.

func (*AuthorizeInfo) IsExpiredAt 

func (i *AuthorizeInfo) IsExpiredAt(t time.Time) bool

IsExpired is true if authorization expires at time 't'.

type AuthorizeProvider 

type AuthorizeProvider interface {
	SaveAuthorize(*AuthorizeInfo) error
	LoadAuthorize(code string) (*AuthorizeInfo, error)
	RemoveAuthorize(code string) error
}

type Client 

type Client interface {
	// Client ID
	GetID() string

	// Client secret
	GetSecret() string

	// Base client URI
	GetRedirectURI() string

	// Data to be passed to storage. Not used by the library.
	GetUserData() interface{}
}

Client information.

func ClientFromContext 

func ClientFromContext(ctx context.Context) Client

ClientFromContext returns the Client associated with the ctx.

type ClientProvider 

type ClientProvider interface {
	SaveClient(Client) error
	LoadClient(id string) (Client, error)
	RemoveClient(id string) error
}

type ClientSecretMatcher 

type ClientSecretMatcher interface {
	// SecretMatches returns true if the given secret matches
	SecretMatches(secret string) bool
}

ClientSecretMatcher is an optional interface clients can implement which allows them to be the one to determine if a secret matches. If a Client implements ClientSecretMatcher, the framework will never call GetSecret.

type DefaultClient 

type DefaultClient struct {
	ID          string
	Secret      string
	RedirectURI string
	UserData    interface{}
}

DefaultClient stores all data in struct variables.

func (*DefaultClient) CopyFrom 

func (d *DefaultClient) CopyFrom(client Client)

func (*DefaultClient) GetID 

func (d *DefaultClient) GetID() string

func (*DefaultClient) GetRedirectURI 

func (d *DefaultClient) GetRedirectURI() string

func (*DefaultClient) GetSecret 

func (d *DefaultClient) GetSecret() string

func (*DefaultClient) GetUserData 

func (d *DefaultClient) GetUserData() interface{}

func (*DefaultClient) SecretMatches 

func (d *DefaultClient) SecretMatches(secret string) bool

Implement the ClientSecretMatcher interface.

type OAuth2AuthenticationProvider 

type OAuth2AuthenticationProvider struct {
	// contains filtered or unexported fields
}

OAuth2AuthenticationProvider struct.

func NewOAuth2AuthenticationProvider 

func NewOAuth2AuthenticationProvider(
	tokenGenerator token.Generator,
	userStorage UserProvider,
	clientStorage ClientProvider,
	accessStorage AccessProvider,
	refreshStorage RefreshProvider,
	authorizeStorage AuthorizeProvider,
) *OAuth2AuthenticationProvider

NewOAuth2AuthenticationProvider constructor.

func (*OAuth2AuthenticationProvider) Authenticate 

func (p *OAuth2AuthenticationProvider) Authenticate(r *http.Request, creds credential.Credential) (*http.Request, error)

Authenticate implements Provider.

func (*OAuth2AuthenticationProvider) IsSupported 

func (p *OAuth2AuthenticationProvider) IsSupported(creds credential.Credential) bool

IsSupported returns true if credential.Credential is supported.

type RefreshProvider 

type RefreshProvider interface {
	SaveRefresh(*AccessInfo) error
	LoadRefresh(token string) (*AccessInfo, error)
	RemoveRefresh(token string) error
}

type StorageProvider 

type StorageProvider interface {
	ClientProvider
	AccessProvider
	RefreshProvider
	AuthorizeProvider
}

type UserProvider 

type UserProvider interface {
	LoadUser(id string) (user.User, error)
}

Source Files

View all Source files

Directories

Path Synopsis
random

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.