device

package
v2.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 19, 2026 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Overview

Package device implements the OAuth 2.0 Device Authorization Grant plugin.

It handles POST /device_authorization (RFC 8628 §3.1), the GET/POST /device verification page (RFC 8628 §3.3), and the device_code grant type on the token endpoint (RFC 8628 §3.4).

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Config 

type Config struct {
	Store       storm.DeviceAuthStore
	ClientStore storm.ClientStore
	// Lifetime is the device code expiration duration (default: 15m).
	Lifetime time.Duration
	// Interval is the minimum polling interval in seconds (default: 5).
	Interval time.Duration
	// DeviceTemplate overrides the default device verification page template.
	// The template receives a map with "UserCode", "ClientID", "Scopes", "Error", "CSRFToken" keys.
	// If nil, the embedded default template is used.
	DeviceTemplate *template.Template
	// MaxUserCodeRetries limits how many times to retry user_code generation on collision.
	// Prevents infinite loops if the store is full or has high collision probability.
	// Default is 100.
	MaxUserCodeRetries int
	// CSRFKey is a 32-byte key for signing CSRF cookies on the verification page.
	// If nil, CSRF protection is disabled (not recommended for production).
	// Uses pkg/util/http CookieHandler for secure cookie handling.
	CSRFKey []byte
}

Config holds the dependencies for the Device plugin.

type Plugin 

type Plugin struct {
	// contains filtered or unexported fields
}

Plugin implements the OAuth 2.0 Device Authorization Grant (RFC 8628).

func NewWithConfig 

func NewWithConfig(cfg Config) *Plugin

NewWithConfig creates a new Device plugin with explicit config.

func (*Plugin) Category 

func (p *Plugin) Category() storm.PluginCategory

Category returns CategoryStandard — device is optional but enabled by default.

func (*Plugin) Contribute 

func (p *Plugin) Contribute(ctx context.Context, cfg *protocol.DiscoveryConfiguration)

Contribute returns the discovery fields for the device authorization endpoint.

func (*Plugin) Name 

func (p *Plugin) Name() string

Name returns the plugin name.

func (*Plugin) Register 

func (p *Plugin) Register(r chi.Router)

Register installs the /device_authorization and /device routes.

func (*Plugin) Requires 

func (p *Plugin) Requires() []string

Requires returns the storage dependencies.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.