authentication

package
v0.110.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 9, 2026 License: MIT Imports: 11 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthorizationServerMetadata added in v0.110.0 

type AuthorizationServerMetadata struct {
	// Issuer is the authorization server's issuer identifier, which is a URL.
	Issuer string `json:"issuer"`
	// AuthorizationEndpoint is the URL of the authorization server's authorization endpoint.
	AuthorizationEndpoint string `json:"authorization_endpoint"`
	// TokenEndpoint is the URL of the authorization server's token endpoint.
	TokenEndpoint string `json:"token_endpoint"`
	// CodeChallengeMethodsSupported lists PKCE code challenge methods supported by this authorization server.
	CodeChallengeMethodsSupported []string `json:"code_challenge_methods_supported"`
}

AuthorizationServerMetadata represents a subset of the metadata provided by an OAuth 2.0 Authorization Server. See RFC 8414, Section 2 for the full specification: https://datatracker.ietf.org/doc/html/rfc8414#section-2

func GetAuthorizationServerMetadata added in v0.110.0 

func GetAuthorizationServerMetadata(ctx context.Context, authorizationServerURL string) (*AuthorizationServerMetadata, error)

GetAuthorizationServerMetadata retrieves OAuth 2.0 authorization server metadata from the well-known endpoint.

type InsecureStaticProvider 

type InsecureStaticProvider struct {
	AccessToken string
}

InsecureStaticProvider is an insecure implementation of Provider that always returns the same static access token and does not provide/enforce transport security. This provider is only suitable for testing against LocalNet or other non-production environments.

func NewInsecureStaticProvider 

func NewInsecureStaticProvider(accessToken string) InsecureStaticProvider

func (InsecureStaticProvider) PerRPCCredentials 

func (i InsecureStaticProvider) PerRPCCredentials() credentials.PerRPCCredentials

func (InsecureStaticProvider) TokenSource 

func (i InsecureStaticProvider) TokenSource() oauth2.TokenSource

func (InsecureStaticProvider) TransportCredentials 

func (i InsecureStaticProvider) TransportCredentials() credentials.TransportCredentials

type Provider 

type Provider interface {
	// TokenSource returns an oauth2.TokenSource that can be used to retrieve access tokens for authenticating with the participant's API endpoints.
	TokenSource() oauth2.TokenSource
	// TransportCredentials returns gRPC transport credentials to be used when connecting to the participant's RPC endpoints.
	TransportCredentials() credentials.TransportCredentials
	// PerRPCCredentials returns gRPC per-RPC credentials to be used when connecting to the participant's gRPC endpoints.
	PerRPCCredentials() credentials.PerRPCCredentials
}

Provider provides authentication credentials for connecting to a Canton participant's API endpoints. The Provider acts as both a raw token-source for HTTP API authentication, and a gRPC credentials provider for gRPC endpoint authentication.

Implementations of this interface can implement different means of fetching and refreshing authentication tokens, as well as enforcing different levels of transport security. The specific implementation of the Provider should be chosen based on the environment being connected to (e.g. LocalNet vs. production, i.e. CI/OIDC).

type StaticProvider added in v0.83.0 

type StaticProvider struct {
	AccessToken string
}

StaticProvider is a secure implementation of Provider that returns a static access token and enforces TLS transport security. This provider is suitable for remote environments.

func NewStaticProvider added in v0.83.0 

func NewStaticProvider(accessToken string) StaticProvider

func (StaticProvider) PerRPCCredentials added in v0.83.0 

func (s StaticProvider) PerRPCCredentials() credentials.PerRPCCredentials

func (StaticProvider) TokenSource added in v0.83.0 

func (s StaticProvider) TokenSource() oauth2.TokenSource

func (StaticProvider) TransportCredentials added in v0.83.0 

func (s StaticProvider) TransportCredentials() credentials.TransportCredentials

Source Files

View all Source files

Directories

Path Synopsis
Package authorizationcode provides OAuth2 authorization code flow authentication for Canton gRPC connections.
 Package authorizationcode provides OAuth2 authorization code flow authentication for Canton gRPC connections.
Package clientcredentials provides OAuth2 client credentials flow authentication for Canton gRPC connections.
 Package clientcredentials provides OAuth2 client credentials flow authentication for Canton gRPC connections.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.