stsexchange

package

v0.10.1 Latest Latest Go to latest Published: Nov 6, 2024 License: Apache-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/googleapis/google-cloud-go

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
type ClientAuthentication
- func (c *ClientAuthentication) InjectAuthentication(values url.Values, headers http.Header)
type Options
type TokenRequest
type TokenResponse
- func ExchangeToken(ctx context.Context, opts *Options) (*TokenResponse, error)
- func RefreshAccessToken(ctx context.Context, opts *Options) (*TokenResponse, error)

Constants ¶

View Source

const (
	// GrantType for a sts exchange.
	GrantType = "urn:ietf:params:oauth:grant-type:token-exchange"
	// TokenType for a sts exchange.
	TokenType = "urn:ietf:params:oauth:token-type:access_token"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type ClientAuthentication ¶

type ClientAuthentication struct {
	AuthStyle    auth.Style
	ClientID     string
	ClientSecret string
}

ClientAuthentication represents an OAuth client ID and secret and the mechanism for passing these credentials as stated in rfc6749#2.3.1.

func (*ClientAuthentication) InjectAuthentication ¶

func (c *ClientAuthentication) InjectAuthentication(values url.Values, headers http.Header)

InjectAuthentication is used to add authentication to a Secure Token Service exchange request. It modifies either the passed url.Values or http.Header depending on the desired authentication format.

type Options ¶

type Options struct {
	Client         *http.Client
	Endpoint       string
	Request        *TokenRequest
	Authentication ClientAuthentication
	Headers        http.Header
	// ExtraOpts are optional fields marshalled into the `options` field of the
	// request body.
	ExtraOpts    map[string]interface{}
	RefreshToken string
}

Options stores the configuration for making an sts exchange request.

type TokenRequest ¶

type TokenRequest struct {
	ActingParty struct {
		ActorToken     string
		ActorTokenType string
	}
	GrantType          string
	Resource           string
	Audience           string
	Scope              []string
	RequestedTokenType string
	SubjectToken       string
	SubjectTokenType   string
}

TokenRequest contains fields necessary to make an oauth2 token exchange.

type TokenResponse ¶

type TokenResponse struct {
	AccessToken     string `json:"access_token"`
	IssuedTokenType string `json:"issued_token_type"`
	TokenType       string `json:"token_type"`
	ExpiresIn       int    `json:"expires_in"`
	Scope           string `json:"scope"`
	RefreshToken    string `json:"refresh_token"`
}

TokenResponse is used to decode the remote server response during an oauth2 token exchange.

func ExchangeToken ¶

func ExchangeToken(ctx context.Context, opts *Options) (*TokenResponse, error)

ExchangeToken performs an oauth2 token exchange with the provided endpoint.

func RefreshAccessToken ¶

func RefreshAccessToken(ctx context.Context, opts *Options) (*TokenResponse, error)

RefreshAccessToken performs the token exchange using a refresh token flow.

Source Files ¶

View all Source files

sts_exchange.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL