httpclient

package
v0.0.8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 20, 2026 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	ContentHeaderAuthenticate = "WWW-Authenticate"
)

Variables

This section is empty.

Functions

func IsUnauthorized 

func IsUnauthorized(recorder *transport.Recorder) error

IsUnauthorized checks if the error is an HTTP 401 Unauthorized error, and if so, it parses the WWW-Authenticate header and returns an AuthError with the header values.

func OAuth2Config 

func OAuth2Config(config oidc.BaseConfiguration, clientID, clientSecret string, scopes ...string) (*oauth2.Config, error)

OAuth2Config returns an oauth2.Config derived from auth server metadata and client ID.

func OAuth2ConfigForFlow 

func OAuth2ConfigForFlow(flow *oidc.AuthorizationCodeFlow, clientSecret string) (*oauth2.Config, error)

OAuth2ConfigForFlow returns an oauth2.Config derived from the authorization flow. Some server-side provider exchanges do not require a client_id because the authorization server resolves the provider from other request fields.

Types

type AuthError 

type AuthError struct {
	Scheme     string `json:"scheme"`
	url.Values `json:"param,omitempty"`
}

func AsAuthError 

func AsAuthError(err error) *AuthError

AsAuthError extracts an AuthError regardless of whether it was returned as a value or pointer.

func (AuthError) Error 

func (e AuthError) Error() string

func (AuthError) String 

func (e AuthError) String() string

type ChangeCallback 

type ChangeCallback func(schema.ChangeNotification) error

ChangeCallback is invoked for each decoded SSE change notification.

type Client 

type Client struct {
	*client.Client
	Endpoint string
}

func New 

func New(endpoint string, opts ...client.ClientOpt) (*Client, error)

func (*Client) Discover 

func (c *Client) Discover(ctx context.Context, issuer string) (*Config, error)

Discover resolves auth server metadata directly from an issuer URL.

func (*Client) DiscoverFromIssuer 

func (c *Client) DiscoverFromIssuer(ctx context.Context, issuer string) (*Config, error)

DiscoverFromIssuer resolves authorization server metadata directly from a known issuer URL without first probing protected-resource metadata.

func (*Client) DiscoverWithError 

func (c *Client) DiscoverWithError(ctx context.Context, err error) (*Config, error)

DiscoverWithError resolves auth metadata from an auth challenge.

func (*Client) DoAuthWithContext 

func (c *Client) DoAuthWithContext(ctx context.Context, req client.Payload, v any, opt ...client.RequestOpt) error

DoAuthWithContext performs the supplied request, and if the response is 401 Unauthorized, it parses the WWW-Authenticate header and returns an AuthError with the header values.

func (*Client) ExchangeCode 

func (c *Client) ExchangeCode(ctx context.Context, flow *oidc.AuthorizationCodeFlow, code, clientSecret string) (*oauth2.Token, error)

ExchangeCode exchanges an authorization code using the supplied flow configuration and returns the token response from the configured endpoint.

func (*Client) RefreshToken 

func (c *Client) RefreshToken(ctx context.Context, config *oauth2.Config, token *oauth2.Token) (*oauth2.Token, error)

RefreshToken refreshes an OAuth token using the supplied OAuth client configuration.

func (*Client) RegisterClient 

func (c *Client) RegisterClient(ctx context.Context, server *ServerMetadata, redirectURI string) (*ClientRegistrationResponse, error)

RegisterClient registers a client against the supplied authorization server metadata.

func (*Client) RevokeToken 

func (c *Client) RevokeToken(ctx context.Context, endpoint string, token *oauth2.Token, clientID, clientSecret string) error

RevokeToken revokes an OAuth token using the supplied revocation endpoint.

func (*Client) UserInfo 

func (c *Client) UserInfo(ctx context.Context, endpoint string, token *oauth2.Token) (*oidc.UserInfo, error)

type ClientRegistrationRequest 

type ClientRegistrationRequest struct {
	RedirectURIs            []string `json:"redirect_uris,omitempty"`
	GrantTypes              []string `json:"grant_types,omitempty"`
	ResponseTypes           []string `json:"response_types,omitempty"`
	TokenEndpointAuthMethod string   `json:"token_endpoint_auth_method,omitempty"`
	ClientName              string   `json:"client_name,omitempty"`
	Scope                   string   `json:"scope,omitempty"`
}

type ClientRegistrationResponse 

type ClientRegistrationResponse struct {
	ClientID                string   `json:"client_id"`
	ClientSecret            string   `json:"client_secret,omitempty"`
	ClientIDIssuedAt        int64    `json:"client_id_issued_at,omitempty"`
	ClientSecretExpiresAt   int64    `json:"client_secret_expires_at,omitempty"`
	RedirectURIs            []string `json:"redirect_uris,omitempty"`
	GrantTypes              []string `json:"grant_types,omitempty"`
	ResponseTypes           []string `json:"response_types,omitempty"`
	TokenEndpointAuthMethod string   `json:"token_endpoint_auth_method,omitempty"`
	RegistrationClientURI   string   `json:"registration_client_uri,omitempty"`
	RegistrationAccessToken string   `json:"registration_access_token,omitempty"`
}

type Config 

type Config struct {
	oidc.ProtectedResourceMetadata `json:"protected_resource_metadata,omitempty"`
	AuthorizationServers           []ServerMetadata `json:"authorization_servers,omitempty"`
}

func (*Config) AuthorizationCodeConfig 

func (c *Config) AuthorizationCodeConfig() (oidc.BaseConfiguration, error)

AuthorizationCodeConfig converts the selected authorization server metadata into the minimal OIDC/OAuth configuration needed to build an auth code flow.

func (*Config) AuthorizationServerForFlow 

func (c *Config) AuthorizationServerForFlow() (*ServerMetadata, error)

AuthorizationServerForFlow selects a discovered authorization server that advertises an authorization endpoint.

func (*Config) AuthorizationServerForRegistration 

func (c *Config) AuthorizationServerForRegistration() (*ServerMetadata, error)

AuthorizationServerForRegistration selects a discovered authorization server that can be used for dynamic client registration.

func (*Config) AuthorizationServerForUserInfo 

func (c *Config) AuthorizationServerForUserInfo() (*ServerMetadata, error)

AuthorizationServerForUserInfo selects a discovered authorization server that advertises a userinfo endpoint.

type ManagerClient 

type ManagerClient struct {
	*Client
}

ManagerClient is a management HTTP client that wraps the base HTTP client.

func Manager 

func Manager(url string, tokenstore authtransport.TokenStore, opts ...client.ClientOpt) (*ManagerClient, error)

Manager creates a new management HTTP client with the given base URL and options.

func (*ManagerClient) AddUserGroups 

func (c *ManagerClient) AddUserGroups(ctx context.Context, user schema.UserID, groups []string) (*schema.User, error)

func (*ManagerClient) Config 

func (c *ManagerClient) Config(ctx context.Context) (schema.PublicClientConfigurations, error)

func (*ManagerClient) CreateGroup 

func (c *ManagerClient) CreateGroup(ctx context.Context, insert schema.GroupInsert) (*schema.Group, error)

func (*ManagerClient) CreateKey added in v0.0.8 

func (c *ManagerClient) CreateKey(ctx context.Context, meta schema.KeyMeta) (*schema.Key, error)

func (*ManagerClient) CreateUser 

func (c *ManagerClient) CreateUser(ctx context.Context, meta schema.UserMeta) (*schema.User, error)

func (*ManagerClient) DeleteGroup 

func (c *ManagerClient) DeleteGroup(ctx context.Context, group string) error

func (*ManagerClient) DeleteUser 

func (c *ManagerClient) DeleteUser(ctx context.Context, user schema.UserID) error

func (*ManagerClient) GetGroup 

func (c *ManagerClient) GetGroup(ctx context.Context, group string) (*schema.Group, error)

func (*ManagerClient) GetUser 

func (c *ManagerClient) GetUser(ctx context.Context, user schema.UserID) (*schema.User, error)

func (*ManagerClient) ListGroups 

func (c *ManagerClient) ListGroups(ctx context.Context, req schema.GroupListRequest) (*schema.GroupList, error)

func (*ManagerClient) ListScopes 

func (c *ManagerClient) ListScopes(ctx context.Context, req schema.ScopeListRequest) (*schema.ScopeList, error)

func (*ManagerClient) ListUsers 

func (c *ManagerClient) ListUsers(ctx context.Context, req schema.UserListRequest) (*schema.UserList, error)

func (*ManagerClient) ListenChanges 

func (c *ManagerClient) ListenChanges(ctx context.Context, fn ChangeCallback, opts ...client.RequestOpt) error

ListenChanges connects to the protected SSE changes endpoint and invokes the callback for each decoded change notification until the context is cancelled, the stream ends, or the callback returns an error.

func (*ManagerClient) RemoveUserGroups 

func (c *ManagerClient) RemoveUserGroups(ctx context.Context, user schema.UserID, groups []string) (*schema.User, error)

func (*ManagerClient) UpdateGroup 

func (c *ManagerClient) UpdateGroup(ctx context.Context, group string, meta schema.GroupMeta) (*schema.Group, error)

func (*ManagerClient) UpdateUser 

func (c *ManagerClient) UpdateUser(ctx context.Context, user schema.UserID, meta schema.UserMeta) (*schema.User, error)

type RevokeRequest 

type RevokeRequest struct {
	ClientID     string `json:"client_id,omitempty"`
	ClientSecret string `json:"client_secret,omitempty"`
	Token        string `json:"token,omitempty"`
	TokenType    string `json:"token_type_hint,omitempty"`
}

type ServerMetadata 

type ServerMetadata struct {
	Issuer string                  `json:"issuer,omitempty"`
	Oidc   oidc.OIDCConfiguration  `json:"oidc,omitzero"`
	OAuth  oidc.OAuthConfiguration `json:"oauth,omitzero"`
}

func (*ServerMetadata) AuthorizationCodeConfig 

func (serverMeta *ServerMetadata) AuthorizationCodeConfig() (oidc.BaseConfiguration, error)

AuthorizationCodeConfig converts discovered server metadata into a base configuration suitable for authorization code flows.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.