device

Version: v0.0.3
Published: Jul 17, 2023 License: MIT Imports: 16 Imported by: 1

README

OAuth2 Device Authorization Flow Go module

This Go module is a helper for implementing the OAuth2 device authorization flow in command-line interfaces (or on any other input-constrained device).

This is the authorization flow the AWS CLI uses for SSO.

device flow sequence diagram

Providers

The module has two working providers, Auth0 and Okta; a third, Google, is yet to be implemented.

Auth0

This provider is fully functional. Setup instructions.

Okta

This provider is fully functional. Setup instructions.

Google

To be implemented. Setup instructions.

Documentation

Constants

const GrantType = "urn:ietf:params:oauth:grant-type:device_code"

Variables

var (
	// ErrAccessDenied is returned when the user denies the app access to their account.
	ErrAccessDenied   = errors.New("access denied by user")
	ErrAuthPending    = errors.New("authorization pending")
	ErrNotImplemented = errors.New("not implemented")
)

var DefaultScopes = []string{"openid", "profile", "offline_access"}

Functions

This section is empty.

Types

type Auth0 added in v0.0.2

type Auth0 struct{}

func (Auth0) Config added in v0.0.2

func (a Auth0) Config(org, clientID string) *Config

type Authorizer

type Authorizer struct {
	*Config
	// contains filtered or unexported fields
}

func NewAuthorizer

func NewAuthorizer(config *Config) *Authorizer

func (*Authorizer) Refresh

func (a *Authorizer) Refresh(ctx context.Context) error

func (*Authorizer) RequestCode

func (a *Authorizer) RequestCode(ctx context.Context) (Code, error)

func (*Authorizer) Revoke

func (a *Authorizer) Revoke(ctx context.Context) error

func (*Authorizer) WaitForAuthorization

func (a *Authorizer) WaitForAuthorization(ctx context.Context, code Code) (oauth2.Token, error)

type Code

type Code struct {
	DeviceCode              string `json:"device_code"`
	UserCode                string `json:"user_code"`
	VerificationURI         string `json:"verification_uri"`
	VerificationURIComplete string `json:"verification_uri_complete"`
	ExpiresIn               int64  `json:"expires_in"`
	Interval                int64  `json:"interval"`
}
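
The token-polling step of the device flow, written out against RFC 8628 as an added example (it is not this module's code and does not show how WaitForAuthorization is implemented). The name pollToken, its parameters and the test server are assumptions; the grant type string matches the GrantType constant above, and interval and lifetime stand for the Interval and ExpiresIn fields of Code.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"time"
)

// pollToken (hypothetical helper) polls until approval; interval and lifetime stand for Code.Interval and Code.ExpiresIn.
func pollToken(tokenURL, clientID, deviceCode string, interval, lifetime time.Duration) (string, error) {
	form := url.Values{"client_id": {clientID}, "device_code": {deviceCode},
		"grant_type": {"urn:ietf:params:oauth:grant-type:device_code"}}
	for deadline := time.Now().Add(lifetime); time.Now().Before(deadline); time.Sleep(interval) {
		resp, err := http.PostForm(tokenURL, form)
		if err != nil {
			return "", err
		}
		var body struct {
			Token string `json:"access_token"`
			Err   string `json:"error"`
		}
		err = json.NewDecoder(resp.Body).Decode(&body)
		resp.Body.Close()
		switch {
		case err != nil:
			return "", err
		case body.Token != "":
			return body.Token, nil
		case body.Err == "authorization_pending": // user has not finished yet: wait, then poll again
		case body.Err == "slow_down": // RFC 8628: add 5 s to the interval for all later polls
			interval += 5 * time.Second
		default: // access_denied, expired_token or anything unexpected ends the flow
			return "", fmt.Errorf("token endpoint refused: %q", body.Err)
		}
	}
	return "", fmt.Errorf("device code expired after %s without approval", lifetime)
}

func main() { // constructed token endpoint: one pending reply, then a token
	replies := []string{`{"error":"authorization_pending"}`, `{"access_token":"constructed-token"}`}
	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		fmt.Fprint(w, replies[0])
		replies = replies[1:]
	}))
	defer srv.Close()
	fmt.Println(pollToken(srv.URL, "client-id", "device-code", 10*time.Millisecond, time.Second))
}
```

Bounding the loop by the code's lifetime keeps a client from polling forever with a device code the server has already discarded.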

type Config

type Config struct {
	OAuth2Config oauth2.Config
	Audience     string
	Issuer       string
	URI          string
	// contains filtered or unexported fields
}

type Error

type Error struct {
	ErrorCode    string   `json:"ErrorCode"`
	ErrorSummary string   `json:"errorSummary"`
	ErrorCauses  []string `json:"errorCauses"`
}

type Key added in v0.0.2

type Key struct {
	Alg string   `json:"alg"`
	Kty string   `json:"kty"`
	Use string   `json:"use"`
	N   string   `json:"n"`
	E   string   `json:"e"`
	Kid string   `json:"kid"`
	X5T string   `json:"x5t"`
	X5C []string `json:"x5c"`
}

type Okta added in v0.0.2

type Okta struct{}

func (Okta) Config added in v0.0.2

func (o Okta) Config(org, clientID string) *Config

type Provider added in v0.0.2

type Provider interface {
	Config(org, clientID string) *Config
}

func NewProvider added in v0.0.2

func NewProvider(name string) Provider

type Validator added in v0.0.2

type Validator struct {
	*Config
	Keys map[string]*rsa.PublicKey
}

func NewValidator added in v0.0.2

func NewValidator(cfg *Config) *Validator

func (*Validator) LoadKeys added in v0.0.3

func (v *Validator) LoadKeys() error

LoadKeys loads public keys from the provider.

func (*Validator) Validate added in v0.0.2

func (v *Validator) Validate(tokenString string) error

Validate validates a token against the public keys, which must be loaded beforehand (see LoadKeys).
