GO-2024-3044: lorawan-stack Open Redirect vulnerability in go.thethings.network/lorawan-stack

oauthclient

package

v3.8.4 Latest Latest Go to latest Published: Jun 12, 2020 License: Apache-2.0 Imports: 20 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/TheThingsNetwork/lorawan-stack

Links

Open Source Insights

Documentation ¶

Index ¶

type Config
type OAuthClient
- func New(c *component.Component, config Config) (*OAuthClient, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	AuthorizeURL string `name:"authorize-url" description:"The OAuth Authorize URL"`
	LogoutURL    string `name:"logout-url" description:"The OAuth Logout URL"`
	TokenURL     string `name:"token-url" description:"The OAuth Token Exchange URL"`
	RootURL      string `name:"-"`

	ClientID     string `name:"client-id" description:"The OAuth client ID"`
	ClientSecret string `name:"client-secret" description:"The OAuth client secret" json:"-"`

	StateCookieName string `name:"-"`
	AuthCookieName  string `name:"-"`
}

Config is the configuration for the OAuth client.

type OAuthClient ¶

type OAuthClient struct {
	// contains filtered or unexported fields
}

OAuthClient is the OAuth client component.

func New ¶

func New(c *component.Component, config Config) (*OAuthClient, error)

New returns a new OAuth client instance.

func (*OAuthClient) AuthCookie ¶

func (oc *OAuthClient) AuthCookie() *cookie.Cookie

AuthCookie returns a new authCookie.

func (*OAuthClient) HandleCallback ¶

func (oc *OAuthClient) HandleCallback(c echo.Context) error

HandleCallback is a handler that takes the auth code and exchanges it for the access token.

func (*OAuthClient) HandleLogin ¶

func (oc *OAuthClient) HandleLogin(c echo.Context) error

HandleLogin is the handler for redirecting the user to the authorization endpoint.

func (*OAuthClient) HandleLogout ¶

func (oc *OAuthClient) HandleLogout(c echo.Context) error

HandleLogout invalidates the user's authorization, removes the auth cookie and provides a URL to logout of the OAuth provider as well.

func (*OAuthClient) HandleToken ¶

func (oc *OAuthClient) HandleToken(c echo.Context) error

HandleToken is a handler that returns a valid OAuth token. It reads the token from the authorization cookie and refreshes it if needed. If the cookie is not there, it returns a 401 Unauthorized error.

func (*OAuthClient) StateCookie ¶

func (oc *OAuthClient) StateCookie() *cookie.Cookie

StateCookie returns the cookie storing the state of the console.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL