xai

package
v7.2.69 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 12, 2026 License: MIT Imports: 16 Imported by: 0

Documentation

Overview

Package xai provides OAuth2 authentication helpers for xAI Grok.

Index

Constants

View Source
const (
	// DefaultAPIBaseURL is the default official xAI API base URL.
	// Used for OAuth credential defaults, websocket, media (image/video),
	// and non-media HTTP chat when auth using_api is true or non-OAuth.
	DefaultAPIBaseURL = "https://api.x.ai/v1"
	// CLIChatProxyBaseURL is the Grok CLI chat-proxy base URL for non-image/video
	// HTTP chat when auth using_api is false, including the OAuth default.
	CLIChatProxyBaseURL = "https://cli-chat-proxy.grok.com/v1"
	// Issuer is xAI's OAuth issuer.
	Issuer = "https://auth.x.ai"
	// DiscoveryURL is the OIDC discovery endpoint used to resolve OAuth endpoints.
	DiscoveryURL = Issuer + "/.well-known/openid-configuration"
	// ClientID is the public xAI Grok CLI OAuth client ID.
	ClientID = "b1a00492-073a-47ea-816f-4c329264a828"
	// Scope is the OAuth scope set required for xAI API access.
	Scope = "openid profile email offline_access grok-cli:access api:access"
	// DeviceCodeGrantType is the OAuth2 device authorization grant type (RFC 8628).
	DeviceCodeGrantType = "urn:ietf:params:oauth:grant-type:device_code"

	// MaxPollDuration is the upper bound for waiting on user authorization.
	MaxPollDuration = 30 * time.Minute
)

Variables

This section is empty.

Functions

func CredentialFileName

func CredentialFileName(email, subject string) string

CredentialFileName returns the filename used for xAI credentials.

func RefreshLead

func RefreshLead() time.Duration

RefreshLead returns the refresh lead time for xAI OAuth credentials.

func ValidateOAuthEndpoint

func ValidateOAuthEndpoint(rawURL string, field string) (string, error)

ValidateOAuthEndpoint validates an endpoint returned by xAI discovery.

Types

type AuthBundle

type AuthBundle struct {
	TokenData     TokenData
	LastRefresh   string
	BaseURL       string
	RedirectURI   string
	TokenEndpoint string
}

AuthBundle aggregates token data and OAuth metadata for persistence.

type DeviceCodeResponse added in v7.2.64

type DeviceCodeResponse struct {
	DeviceCode              string `json:"device_code"`
	UserCode                string `json:"user_code"`
	VerificationURI         string `json:"verification_uri"`
	VerificationURIComplete string `json:"verification_uri_complete"`
	ExpiresIn               int    `json:"expires_in"`
	Interval                int    `json:"interval"`
	TokenEndpoint           string `json:"-"`
}

DeviceCodeResponse represents xAI's device authorization response.

type Discovery

type Discovery struct {
	DeviceAuthorizationEndpoint string `json:"device_authorization_endpoint"`
	TokenEndpoint               string `json:"token_endpoint"`
}

Discovery contains OAuth endpoints resolved from xAI OIDC discovery.

type TokenData

type TokenData struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`
	IDToken      string `json:"id_token,omitempty"`
	TokenType    string `json:"token_type,omitempty"`
	ExpiresIn    int    `json:"expires_in,omitempty"`
	Expire       string `json:"expired,omitempty"`
	Email        string `json:"email,omitempty"`
	Subject      string `json:"sub,omitempty"`
}

TokenData holds xAI OAuth token data.

type TokenStorage

type TokenStorage struct {
	Type          string `json:"type"`
	AccessToken   string `json:"access_token"`
	RefreshToken  string `json:"refresh_token"`
	IDToken       string `json:"id_token,omitempty"`
	TokenType     string `json:"token_type,omitempty"`
	ExpiresIn     int    `json:"expires_in,omitempty"`
	Expire        string `json:"expired,omitempty"`
	LastRefresh   string `json:"last_refresh,omitempty"`
	Email         string `json:"email,omitempty"`
	Subject       string `json:"sub,omitempty"`
	BaseURL       string `json:"base_url,omitempty"`
	RedirectURI   string `json:"redirect_uri,omitempty"`
	TokenEndpoint string `json:"token_endpoint,omitempty"`
	AuthKind      string `json:"auth_kind,omitempty"`

	Metadata map[string]any `json:"-"`
}

TokenStorage stores xAI OAuth credentials on disk.

func (*TokenStorage) SaveTokenToFile

func (ts *TokenStorage) SaveTokenToFile(authFilePath string) error

SaveTokenToFile writes xAI credentials to a JSON auth file.

func (*TokenStorage) SetMetadata

func (ts *TokenStorage) SetMetadata(meta map[string]any)

SetMetadata allows the token store to merge status fields before saving.

type XAIAuth

type XAIAuth struct {
	// contains filtered or unexported fields
}

XAIAuth performs xAI OAuth discovery, device-code login, and refresh.

func NewXAIAuth

func NewXAIAuth(cfg *config.Config) *XAIAuth

NewXAIAuth creates an xAI OAuth helper using config proxy settings.

func NewXAIAuthWithProxyURL

func NewXAIAuthWithProxyURL(cfg *config.Config, proxyURL string) *XAIAuth

NewXAIAuthWithProxyURL creates an xAI OAuth helper with an explicit proxy URL.

func (*XAIAuth) CreateTokenStorage

func (a *XAIAuth) CreateTokenStorage(bundle *AuthBundle) *TokenStorage

CreateTokenStorage converts an auth bundle into persistable storage.

func (*XAIAuth) Discover

func (a *XAIAuth) Discover(ctx context.Context) (*Discovery, error)

Discover resolves xAI OAuth endpoints through OIDC discovery.

func (*XAIAuth) PollForToken added in v7.2.64

func (a *XAIAuth) PollForToken(ctx context.Context, deviceCode *DeviceCodeResponse) (*TokenData, error)

PollForToken polls the token endpoint until the user authorizes or the device code expires.

func (*XAIAuth) RefreshTokens

func (a *XAIAuth) RefreshTokens(ctx context.Context, refreshToken, tokenEndpoint string) (*TokenData, error)

RefreshTokens refreshes an xAI access token.

func (*XAIAuth) RequestDeviceCode added in v7.2.64

func (a *XAIAuth) RequestDeviceCode(ctx context.Context, deviceAuthorizationEndpoint, tokenEndpoint string) (*DeviceCodeResponse, error)

RequestDeviceCode requests a device authorization code from the given endpoint.

func (*XAIAuth) StartDeviceFlow added in v7.2.64

func (a *XAIAuth) StartDeviceFlow(ctx context.Context) (*DeviceCodeResponse, error)

StartDeviceFlow requests a device code from xAI.

func (*XAIAuth) WaitForAuthorization added in v7.2.64

func (a *XAIAuth) WaitForAuthorization(ctx context.Context, deviceCode *DeviceCodeResponse) (*AuthBundle, error)

WaitForAuthorization polls until the user authorizes the device code and returns tokens.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL