Documentation
¶
Index ¶
Constants ¶
const ( // Well-known public client for the Kontext CLI. No secret. DefaultClientID = "app_a4fb6d20-e937-450f-aa19-db585405aa92" // Default API base URL. DefaultIssuerURL = "https://api.kontext.security" )
Variables ¶
This section is empty.
Functions ¶
func ClearSession ¶
func ClearSession() error
ClearSession removes the stored session from the system keyring.
func SaveSession ¶
SaveSession stores the session in the system keyring.
Types ¶
type LoginResult ¶
type LoginResult struct {
Session *Session
}
LoginResult is the output of a successful login flow.
type OAuthMetadata ¶
type OAuthMetadata struct {
Issuer string `json:"issuer"`
AuthorizationEndpoint string `json:"authorization_endpoint"`
TokenEndpoint string `json:"token_endpoint"`
JwksURI string `json:"jwks_uri"`
}
OAuthMetadata is the response from /.well-known/oauth-authorization-server.
func DiscoverEndpoints ¶
func DiscoverEndpoints(ctx context.Context, baseURL string) (*OAuthMetadata, error)
DiscoverEndpoints fetches OAuth authorization server metadata.
type Session ¶
type Session struct {
User UserInfo `json:"user"`
IssuerURL string `json:"issuer_url"`
Subject string `json:"subject"`
AccessToken string `json:"access_token"`
IDToken string `json:"id_token"`
RefreshToken string `json:"refresh_token"`
ExpiresAt time.Time `json:"expires_at"`
}
Session holds the authenticated user's OIDC identity and tokens.
func LoadSession ¶
LoadSession reads the stored session from the system keyring.
func Preflight ¶
Preflight loads the session and refreshes if needed. Returns a ready-to-use session.
func RefreshSession ¶
RefreshSession attempts to refresh an expired session using the refresh token.
func (*Session) DisplayIdentity ¶ added in v0.4.0
DisplayIdentity returns the human-readable identity for terminal output.
func (*Session) IdentityKey ¶ added in v0.4.0
IdentityKey returns the stable identity used for backend session attribution.
Source Files