oauth

package

v0.0.0-...-dfaa4dd Latest Latest Go to latest Published: Apr 22, 2026 License: Apache-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/sourcegraph/src-cli

Links

Open Source Insights

Documentation ¶

Overview ¶

Package oauthimplements the OAuth 2.0 Device Authorization Grant (RFC 8628) for authenticating with Sourcegraph instances.

Index ¶

Constants
func IsOAuthTransport(trp http.RoundTripper) bool
func StoreToken(ctx context.Context, token *Token) error
type Client
- func NewClient(clientID string) Client
- func NewClientWithHTTPClient(clientID string, c *http.Client) Client
type DeviceAuthResponse
type ErrorResponse
type OIDCConfiguration
type PollError
- func (e *PollError) Error() string
type Token
- func LoadToken(ctx context.Context, endpointURL *url.URL) (*Token, error)
- func (t *Token) EndpointURL() (*url.URL, error)
- func (t *Token) ExpiringIn(d time.Duration) bool
- func (t *Token) HasExpired() bool
type TokenRefresher
- func NewTokenRefresher(token *Token) *TokenRefresher
- func (r *TokenRefresher) GetToken(ctx context.Context) (Token, error)
type TokenResponse
- func (t *TokenResponse) Token(endpointURL *url.URL) *Token
type Transport
- func NewTransport(base http.RoundTripper, token *Token) *Transport
- func (t *Transport) RoundTrip(req *http.Request) (*http.Response, error)

Constants ¶

View Source

const (
	// DefaultClientID is a predefined Client ID built into Sourcegraph
	DefaultClientID = "sgo_cid_sourcegraph-cli"

	GrantTypeDeviceCode string = "urn:ietf:params:oauth:grant-type:device_code"

	ScopeOpenID        string = "openid"
	ScopeProfile       string = "profile"
	ScopeEmail         string = "email"
	ScopeOfflineAccess string = "offline_access"
	ScopeUserAll       string = "user:all"
)

Variables ¶

This section is empty.

Functions ¶

func IsOAuthTransport ¶

func IsOAuthTransport(trp http.RoundTripper) bool

IsOAuthTransport checks wether the underlying type of the given RoundTripper is a OAuthTransport

func StoreToken ¶

func StoreToken(ctx context.Context, token *Token) error

Types ¶

type Client ¶

type Client interface {
	ClientID() string
	Discover(ctx context.Context, endpointURL *url.URL) (*OIDCConfiguration, error)
	Start(ctx context.Context, endpointURL *url.URL, scopes []string) (*DeviceAuthResponse, error)
	Poll(ctx context.Context, endpointURL *url.URL, deviceCode string, interval time.Duration, expiresIn int) (*TokenResponse, error)
	Refresh(ctx context.Context, token *Token) (*TokenResponse, error)
}

func NewClient ¶

func NewClient(clientID string) Client

func NewClientWithHTTPClient ¶

func NewClientWithHTTPClient(clientID string, c *http.Client) Client

type DeviceAuthResponse ¶

type DeviceAuthResponse struct {
	DeviceCode              string `json:"device_code"`
	UserCode                string `json:"user_code"`
	VerificationURI         string `json:"verification_uri"`
	VerificationURIComplete string `json:"verification_uri_complete,omitempty"`
	ExpiresIn               int    `json:"expires_in"`
	Interval                int    `json:"interval"`
}

type ErrorResponse ¶

type ErrorResponse struct {
	Error            string `json:"error"`
	ErrorDescription string `json:"error_description,omitempty"`
}

type OIDCConfiguration ¶

type OIDCConfiguration struct {
	Issuer                      string `json:"issuer,omitempty"`
	TokenEndpoint               string `json:"token_endpoint,omitempty"`
	DeviceAuthorizationEndpoint string `json:"device_authorization_endpoint,omitempty"`
}

OIDCConfiguration represents the relevant fields from the OpenID Connect Discovery document at /.well-known/openid-configuration

type PollError ¶

type PollError struct {
	Code        string
	Description string
}

func (*PollError) Error ¶

func (e *PollError) Error() string

type Token ¶

type Token struct {
	Endpoint     string    `json:"endpoint"`
	ClientID     string    `json:"client_id,omitempty"`
	AccessToken  string    `json:"access_token"`
	RefreshToken string    `json:"refresh_token,omitempty"`
	ExpiresAt    time.Time `json:"expires_at"`
}

func LoadToken ¶

func LoadToken(ctx context.Context, endpointURL *url.URL) (*Token, error)

func (*Token) EndpointURL ¶

func (t *Token) EndpointURL() (*url.URL, error)

func (*Token) ExpiringIn ¶

func (t *Token) ExpiringIn(d time.Duration) bool

func (*Token) HasExpired ¶

func (t *Token) HasExpired() bool

type TokenRefresher ¶

type TokenRefresher struct {
	// contains filtered or unexported fields
}

func NewTokenRefresher ¶

func NewTokenRefresher(token *Token) *TokenRefresher

func (*TokenRefresher) GetToken ¶

func (r *TokenRefresher) GetToken(ctx context.Context) (Token, error)

GetToken returns a value copy of the token. If the token has expired or expiring soon it will be refreshed before returning. Once the token is refreshed, the in-memory token is updated and a best effort is made to store the token.

If storing the token fails, no error is returned. An error is only returned if refreshing the token fails.

type TokenResponse ¶

type TokenResponse struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token,omitempty"`
	ExpiresIn    int    `json:"expires_in,omitempty"`
	TokenType    string `json:"token_type"`
	Scope        string `json:"scope,omitempty"`
}

func (*TokenResponse) Token ¶

func (t *TokenResponse) Token(endpointURL *url.URL) *Token

type Transport ¶

type Transport struct {
	Base http.RoundTripper
	// contains filtered or unexported fields
}

func NewTransport ¶

func NewTransport(base http.RoundTripper, token *Token) *Transport

func (*Transport) RoundTrip ¶

func (t *Transport) RoundTrip(req *http.Request) (*http.Response, error)

RoundTrip implements http.RoundTripper.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL