Documentation
¶
Index ¶
Constants ¶
View Source
const ( EnvStateHMAC = "STATE_HMAC" StateCodecTTL = 2 * time.Minute DefaultStateHMAC = "91df202ecc9b45b8b0209e60891098b5" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type StateCodec ¶
StateCodec is a state token encoder/decoder.
func GetStateCodec ¶
func GetStateCodec() *StateCodec
func (*StateCodec) Decode ¶
func (c *StateCodec) Decode(s string) (StatePayload, error)
Decode decodes a state payload from a base64 encoded string.
func (*StateCodec) Encode ¶
func (c *StateCodec) Encode(sp StatePayload) (string, error)
Encode encodes a state payload with HMAC signing and base64 encoding.
type StatePayload ¶
type StatePayload struct {
// Provider is the name of the OAuth provider.
Provider string `json:"provider"`
// Nonce is a unique value to prevent replay attacks.
Nonce string `json:"nonce"`
// CSRF is a value to prevent CSRF attacks.
CSRF string `json:"csrf"`
// PKCE is the Proof Key for Code Exchange, used in OAuth 2.0 PKCE flows.
PKCE *oauthgoutils.PKCE `json:"pkce,omitempty"`
// Redirect is the URL to redirect the user to after authentication.
Redirect string `json:"redirect"`
// IssuedAt is the timestamp when the state was issued.
IssuedAt int64 `json:"iat"`
// Extras is a map of additional data that can be included in the state.
// This can be used to pass custom parameters or data that the application needs.
Extras map[string]string `json:"extras,omitempty"`
// ReturnTo is the dynamic url to redirect the user to after authentication.
ReturnTo string
}
StatePayload is the payload of a state token.
Source Files
Click to show internal directories.
Click to hide internal directories.