Documentation
¶
Overview ¶
Package authclient is a minimal HTTP client for the CLI session and profile endpoints that lsh uses during login/logout. These endpoints are not in the generated go-swagger client, so we keep a small, dependency-free wrapper here.
Index ¶
- type APIKey
- type Client
- func (c *Client) CreateSession(ctx context.Context, req CreateSessionRequest) (*Session, error)
- func (c *Client) GetCurrentTeam(ctx context.Context, token string) (*Team, error)
- func (c *Client) GetUserProfile(ctx context.Context, token string) (*UserProfile, error)
- func (c *Client) ListProjects(ctx context.Context, token string) ([]Project, error)
- func (c *Client) PollSession(ctx context.Context, id, secret string) (*Session, error)
- func (c *Client) RevokeAPIKey(ctx context.Context, token, keyID string) error
- type CreateSessionRequest
- type HTTPError
- type Project
- type Session
- type Team
- type User
- type UserProfile
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client talks to the Latitude API for auth-related endpoints.
func New ¶
New builds a Client. baseURL should include scheme and host (e.g. "https://api.latitude.sh"). apiVersion is sent as the API-Version header on every request, matching what the generated SDK does.
func (*Client) CreateSession ¶
CreateSession opens a new CLI login session. Unauthenticated.
func (*Client) GetCurrentTeam ¶
GetCurrentTeam returns the team bound to the token's membership. GET /team is server-side scoped to current_user_membership, so the returned list contains exactly one entry for a valid token.
func (*Client) GetUserProfile ¶
GetUserProfile validates the token and returns user/team context. Used by `lsh login --with-token <T>`. Note: the Rails resource does not return the team in this payload; use GetCurrentTeam to fetch it.
func (*Client) ListProjects ¶
ListProjects returns every project accessible to the token's team. Used by the interactive project picker when a command needs a project but the user did not pass --project. It pages through the API (which defaults to 20 per page) so teams with many projects are fully listed.
func (*Client) PollSession ¶
PollSession reads the session with the secret. Returns the Session (with credential fields when status=approved) or HTTPError. Callers treat 410 (gone) and 404 (not found) as terminal.
type CreateSessionRequest ¶
type CreateSessionRequest struct {
ClientName string `json:"client_name,omitempty"`
ClientVersion string `json:"client_version,omitempty"`
}
CreateSessionRequest is the body of POST /auth/cli_sessions.
type Session ¶
type Session struct {
ID string `json:"id"`
Secret string `json:"secret,omitempty"`
UserCode string `json:"user_code,omitempty"`
AuthorizeURL string `json:"authorize_url,omitempty"`
ExpiresAt string `json:"expires_at,omitempty"`
Status string `json:"status,omitempty"`
APIKey *APIKey `json:"api_key,omitempty"`
Team *Team `json:"team,omitempty"`
User *User `json:"user,omitempty"`
}
Session is the public payload returned by the API on create and on the secret-gated poll (with the credential fields populated).
type UserProfile ¶
type UserProfile struct {
ID string `json:"id"`
Email string `json:"email"`
Team Team `json:"team"`
}
UserProfile is the subset of GET /user/profile that lsh uses to validate a token and to populate config after a --with-token login.
Source Files