oauth2

package
v0.6.17 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 24, 2017 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessTokenStorage

type AccessTokenStorage interface {
	CreateAccessTokenSession(ctx context.Context, signature string, request fosite.Requester) (err error)

	GetAccessTokenSession(ctx context.Context, signature string, session fosite.Session) (request fosite.Requester, err error)

	DeleteAccessTokenSession(ctx context.Context, signature string) (err error)
}

type AccessTokenStrategy

type AccessTokenStrategy interface {
	AccessTokenSignature(token string) string
	GenerateAccessToken(ctx context.Context, requester fosite.Requester) (token string, signature string, err error)
	ValidateAccessToken(ctx context.Context, requester fosite.Requester, token string) (err error)
}

type AuthorizeCodeGrantStorage

type AuthorizeCodeGrantStorage interface {
	AuthorizeCodeStorage

	PersistAuthorizeCodeGrantSession(ctx context.Context, authorizeCode, accessSignature, refreshSignature string, request fosite.Requester) error
}

type AuthorizeCodeStorage

type AuthorizeCodeStorage interface {
	CreateAuthorizeCodeSession(ctx context.Context, code string, request fosite.Requester) (err error)

	GetAuthorizeCodeSession(ctx context.Context, code string, session fosite.Session) (request fosite.Requester, err error)

	DeleteAuthorizeCodeSession(ctx context.Context, code string) (err error)
}

type AuthorizeCodeStrategy

type AuthorizeCodeStrategy interface {
	AuthorizeCodeSignature(token string) string
	GenerateAuthorizeCode(ctx context.Context, requester fosite.Requester) (token string, signature string, err error)
	ValidateAuthorizeCode(ctx context.Context, requester fosite.Requester, token string) (err error)
}

type AuthorizeExplicitGrantHandler

type AuthorizeExplicitGrantHandler struct {
	AccessTokenStrategy   AccessTokenStrategy
	RefreshTokenStrategy  RefreshTokenStrategy
	AuthorizeCodeStrategy AuthorizeCodeStrategy

	// AuthorizeCodeGrantStorage is used to persist session data across requests.
	AuthorizeCodeGrantStorage AuthorizeCodeGrantStorage

	// AuthCodeLifespan defines the lifetime of an authorize code.
	AuthCodeLifespan time.Duration

	// AccessTokenLifespan defines the lifetime of an access token.
	AccessTokenLifespan time.Duration

	ScopeStrategy fosite.ScopeStrategy
}

AuthorizeExplicitGrantTypeHandler is a response handler for the Authorize Code grant using the explicit grant type as defined in https://tools.ietf.org/html/rfc6749#section-4.1

func (*AuthorizeExplicitGrantHandler) HandleAuthorizeEndpointRequest

func (c *AuthorizeExplicitGrantHandler) HandleAuthorizeEndpointRequest(ctx context.Context, req *http.Request, ar fosite.AuthorizeRequester, resp fosite.AuthorizeResponder) error

func (*AuthorizeExplicitGrantHandler) HandleTokenEndpointRequest

func (c *AuthorizeExplicitGrantHandler) HandleTokenEndpointRequest(ctx context.Context, r *http.Request, request fosite.AccessRequester) error

HandleTokenEndpointRequest implements * https://tools.ietf.org/html/rfc6749#section-4.1.3 (everything)

func (*AuthorizeExplicitGrantHandler) IssueAuthorizeCode

func (*AuthorizeExplicitGrantHandler) PopulateTokenEndpointResponse

func (c *AuthorizeExplicitGrantHandler) PopulateTokenEndpointResponse(ctx context.Context, req *http.Request, requester fosite.AccessRequester, responder fosite.AccessResponder) error

type AuthorizeImplicitGrantTypeHandler

type AuthorizeImplicitGrantTypeHandler struct {
	AccessTokenStrategy AccessTokenStrategy

	// ImplicitGrantStorage is used to persist session data across requests.
	AccessTokenStorage AccessTokenStorage

	// AccessTokenLifespan defines the lifetime of an access token.
	AccessTokenLifespan time.Duration

	ScopeStrategy fosite.ScopeStrategy
}

AuthorizeImplicitGrantTypeHandler is a response handler for the Authorize Code grant using the implicit grant type as defined in https://tools.ietf.org/html/rfc6749#section-4.2

func (*AuthorizeImplicitGrantTypeHandler) HandleAuthorizeEndpointRequest

func (*AuthorizeImplicitGrantTypeHandler) IssueImplicitAccessToken

type ClientCredentialsGrantHandler

type ClientCredentialsGrantHandler struct {
	*HandleHelper
	ScopeStrategy fosite.ScopeStrategy
}

func (*ClientCredentialsGrantHandler) HandleTokenEndpointRequest

func (c *ClientCredentialsGrantHandler) HandleTokenEndpointRequest(_ context.Context, r *http.Request, request fosite.AccessRequester) error

IntrospectTokenEndpointRequest implements https://tools.ietf.org/html/rfc6749#section-4.4.2

func (*ClientCredentialsGrantHandler) PopulateTokenEndpointResponse

func (c *ClientCredentialsGrantHandler) PopulateTokenEndpointResponse(ctx context.Context, r *http.Request, request fosite.AccessRequester, response fosite.AccessResponder) error

PopulateTokenEndpointResponse implements https://tools.ietf.org/html/rfc6749#section-4.4.3

type ClientCredentialsGrantStorage

type ClientCredentialsGrantStorage interface {
	AccessTokenStorage
}

type CoreValidator

type CoreValidator struct {
	CoreStrategy
	CoreStorage
	ScopeStrategy fosite.ScopeStrategy
}

func (*CoreValidator) IntrospectToken added in v0.4.0

func (c *CoreValidator) IntrospectToken(ctx context.Context, token string, tokenType fosite.TokenType, accessRequest fosite.AccessRequester, scopes []string) (err error)

type HMACSHAStrategy

type HMACSHAStrategy struct {
	Enigma                *enigma.HMACStrategy
	AccessTokenLifespan   time.Duration
	AuthorizeCodeLifespan time.Duration
}

func (HMACSHAStrategy) AccessTokenSignature

func (h HMACSHAStrategy) AccessTokenSignature(token string) string

func (HMACSHAStrategy) AuthorizeCodeSignature

func (h HMACSHAStrategy) AuthorizeCodeSignature(token string) string

func (HMACSHAStrategy) GenerateAccessToken

func (h HMACSHAStrategy) GenerateAccessToken(_ context.Context, _ fosite.Requester) (token string, signature string, err error)

func (HMACSHAStrategy) GenerateAuthorizeCode

func (h HMACSHAStrategy) GenerateAuthorizeCode(_ context.Context, _ fosite.Requester) (token string, signature string, err error)

func (HMACSHAStrategy) GenerateRefreshToken

func (h HMACSHAStrategy) GenerateRefreshToken(_ context.Context, _ fosite.Requester) (token string, signature string, err error)

func (HMACSHAStrategy) RefreshTokenSignature

func (h HMACSHAStrategy) RefreshTokenSignature(token string) string

func (HMACSHAStrategy) ValidateAccessToken

func (h HMACSHAStrategy) ValidateAccessToken(_ context.Context, r fosite.Requester, token string) (err error)

func (HMACSHAStrategy) ValidateAuthorizeCode

func (h HMACSHAStrategy) ValidateAuthorizeCode(_ context.Context, r fosite.Requester, token string) (err error)

func (HMACSHAStrategy) ValidateRefreshToken

func (h HMACSHAStrategy) ValidateRefreshToken(_ context.Context, _ fosite.Requester, token string) (err error)

type HandleHelper

type HandleHelper struct {
	AccessTokenStrategy AccessTokenStrategy
	AccessTokenStorage  AccessTokenStorage
	AccessTokenLifespan time.Duration
}

func (*HandleHelper) IssueAccessToken

func (h *HandleHelper) IssueAccessToken(ctx context.Context, req *http.Request, requester fosite.AccessRequester, responder fosite.AccessResponder) error

type ImplicitGrantStorage

type ImplicitGrantStorage interface {
	CreateImplicitAccessTokenSession(ctx context.Context, token string, request fosite.Requester) (err error)
}

type JWTAccessTokenStrategy added in v0.6.17

type JWTAccessTokenStrategy interface {
	AccessTokenStrategy
	JWTStrategy
}

type JWTSession

type JWTSession struct {
	JWTClaims *jwt.JWTClaims
	JWTHeader *jwt.Headers
	ExpiresAt map[fosite.TokenType]time.Time
	Username  string
	Subject   string
}

JWTSession Container for the JWT session.

func (*JWTSession) Clone added in v0.6.0

func (s *JWTSession) Clone() fosite.Session

func (*JWTSession) GetExpiresAt added in v0.5.0

func (s *JWTSession) GetExpiresAt(key fosite.TokenType) time.Time

func (*JWTSession) GetJWTClaims

func (j *JWTSession) GetJWTClaims() *jwt.JWTClaims

func (*JWTSession) GetJWTHeader

func (j *JWTSession) GetJWTHeader() *jwt.Headers

func (*JWTSession) GetSubject added in v0.5.0

func (s *JWTSession) GetSubject() string

func (*JWTSession) GetUsername added in v0.5.0

func (s *JWTSession) GetUsername() string

func (*JWTSession) SetExpiresAt added in v0.5.0

func (s *JWTSession) SetExpiresAt(key fosite.TokenType, exp time.Time)

type JWTSessionContainer

type JWTSessionContainer interface {
	// GetJWTClaims returns the claims.
	GetJWTClaims() *jwt.JWTClaims

	// GetJWTHeader returns the header.
	GetJWTHeader() *jwt.Headers

	fosite.Session
}

type JWTStrategy added in v0.6.17

type JWTStrategy interface {
	ValidateJWT(tokenType fosite.TokenType, token string) (requester fosite.Requester, err error)
}

type RS256JWTStrategy

type RS256JWTStrategy struct {
	*jwt.RS256JWTStrategy
	Issuer string
}

RS256JWTStrategy is a JWT RS256 strategy.

func (RS256JWTStrategy) AccessTokenSignature

func (h RS256JWTStrategy) AccessTokenSignature(token string) string

func (RS256JWTStrategy) AuthorizeCodeSignature

func (h RS256JWTStrategy) AuthorizeCodeSignature(token string) string

func (*RS256JWTStrategy) GenerateAccessToken

func (h *RS256JWTStrategy) GenerateAccessToken(_ context.Context, requester fosite.Requester) (token string, signature string, err error)

func (*RS256JWTStrategy) GenerateAuthorizeCode

func (h *RS256JWTStrategy) GenerateAuthorizeCode(_ context.Context, requester fosite.Requester) (token string, signature string, err error)

func (*RS256JWTStrategy) GenerateRefreshToken

func (h *RS256JWTStrategy) GenerateRefreshToken(_ context.Context, requester fosite.Requester) (token string, signature string, err error)

func (RS256JWTStrategy) RefreshTokenSignature

func (h RS256JWTStrategy) RefreshTokenSignature(token string) string

func (*RS256JWTStrategy) ValidateAccessToken

func (h *RS256JWTStrategy) ValidateAccessToken(_ context.Context, _ fosite.Requester, token string) error

func (*RS256JWTStrategy) ValidateAuthorizeCode

func (h *RS256JWTStrategy) ValidateAuthorizeCode(_ context.Context, requester fosite.Requester, token string) error

func (*RS256JWTStrategy) ValidateJWT added in v0.6.17

func (h *RS256JWTStrategy) ValidateJWT(tokenType fosite.TokenType, token string) (requester fosite.Requester, err error)

func (*RS256JWTStrategy) ValidateRefreshToken

func (h *RS256JWTStrategy) ValidateRefreshToken(_ context.Context, _ fosite.Requester, token string) error

type RefreshTokenGrantHandler

type RefreshTokenGrantHandler struct {
	AccessTokenStrategy AccessTokenStrategy

	RefreshTokenStrategy RefreshTokenStrategy

	// RefreshTokenGrantStorage is used to persist session data across requests.
	RefreshTokenGrantStorage RefreshTokenGrantStorage

	// AccessTokenLifespan defines the lifetime of an access token.
	AccessTokenLifespan time.Duration
}

func (*RefreshTokenGrantHandler) HandleTokenEndpointRequest

func (c *RefreshTokenGrantHandler) HandleTokenEndpointRequest(ctx context.Context, req *http.Request, request fosite.AccessRequester) error

HandleTokenEndpointRequest implements https://tools.ietf.org/html/rfc6749#section-6

func (*RefreshTokenGrantHandler) PopulateTokenEndpointResponse

func (c *RefreshTokenGrantHandler) PopulateTokenEndpointResponse(ctx context.Context, req *http.Request, requester fosite.AccessRequester, responder fosite.AccessResponder) error

PopulateTokenEndpointResponse implements https://tools.ietf.org/html/rfc6749#section-6

type RefreshTokenGrantStorage

type RefreshTokenGrantStorage interface {
	RefreshTokenStorage
	PersistRefreshTokenGrantSession(ctx context.Context, requestRefreshSignature, accessSignature, refreshSignature string, request fosite.Requester) error
}

type RefreshTokenStorage

type RefreshTokenStorage interface {
	CreateRefreshTokenSession(ctx context.Context, signature string, request fosite.Requester) (err error)

	GetRefreshTokenSession(ctx context.Context, signature string, session fosite.Session) (request fosite.Requester, err error)

	DeleteRefreshTokenSession(ctx context.Context, signature string) (err error)
}

type RefreshTokenStrategy

type RefreshTokenStrategy interface {
	RefreshTokenSignature(token string) string
	GenerateRefreshToken(ctx context.Context, requester fosite.Requester) (token string, signature string, err error)
	ValidateRefreshToken(ctx context.Context, requester fosite.Requester, token string) (err error)
}

type ResourceOwnerPasswordCredentialsGrantHandler

type ResourceOwnerPasswordCredentialsGrantHandler struct {
	// ResourceOwnerPasswordCredentialsGrantStorage is used to persist session data across requests.
	ResourceOwnerPasswordCredentialsGrantStorage ResourceOwnerPasswordCredentialsGrantStorage

	RefreshTokenStrategy RefreshTokenStrategy
	ScopeStrategy        fosite.ScopeStrategy

	*HandleHelper
}

func (*ResourceOwnerPasswordCredentialsGrantHandler) HandleTokenEndpointRequest

func (c *ResourceOwnerPasswordCredentialsGrantHandler) HandleTokenEndpointRequest(ctx context.Context, req *http.Request, request fosite.AccessRequester) error

HandleTokenEndpointRequest implements https://tools.ietf.org/html/rfc6749#section-4.3.2

func (*ResourceOwnerPasswordCredentialsGrantHandler) PopulateTokenEndpointResponse

func (c *ResourceOwnerPasswordCredentialsGrantHandler) PopulateTokenEndpointResponse(ctx context.Context, req *http.Request, requester fosite.AccessRequester, responder fosite.AccessResponder) error

PopulateTokenEndpointResponse implements https://tools.ietf.org/html/rfc6749#section-4.3.3

type ResourceOwnerPasswordCredentialsGrantStorage

type ResourceOwnerPasswordCredentialsGrantStorage interface {
	Authenticate(ctx context.Context, name string, secret string) error
	AccessTokenStorage
	RefreshTokenStorage
}

type StatelessJWTValidator added in v0.6.17

type StatelessJWTValidator struct {
	JWTAccessTokenStrategy
	ScopeStrategy fosite.ScopeStrategy
}

func (*StatelessJWTValidator) IntrospectToken added in v0.6.17

func (v *StatelessJWTValidator) IntrospectToken(ctx context.Context, token string, tokenType fosite.TokenType, accessRequest fosite.AccessRequester, scopes []string) (err error)

func (*StatelessJWTValidator) RevokeToken added in v0.6.17

func (v *StatelessJWTValidator) RevokeToken(ctx context.Context, token string, tokenType fosite.TokenType) error

Revocation is not supported with the stateless validator. If you need revocation, use the CoreValidator struct instead.

type TokenRevocationHandler added in v0.4.0

type TokenRevocationHandler struct {
	TokenRevocationStorage TokenRevocationStorage
	RefreshTokenStrategy   RefreshTokenStrategy
	AccessTokenStrategy    AccessTokenStrategy
}

func (*TokenRevocationHandler) RevokeToken added in v0.4.0

func (r *TokenRevocationHandler) RevokeToken(ctx context.Context, token string, tokenType fosite.TokenType) error

RevokeToken implements https://tools.ietf.org/html/rfc7009#section-2.1 The token type hint indicates which token type check should be performed first.

type TokenRevocationStorage added in v0.4.0

type TokenRevocationStorage interface {
	RefreshTokenStorage
	AccessTokenStorage

	// RevokeRefreshToken revokes a refresh token as specified in:
	// https://tools.ietf.org/html/rfc7009#section-2.1
	// If the particular
	// token is a refresh token and the authorization server supports the
	// revocation of access tokens, then the authorization server SHOULD
	// also invalidate all access tokens based on the same authorization
	// grant (see Implementation Note).
	RevokeRefreshToken(ctx context.Context, requestID string) error

	// RevokeAccessToken revokes an access token as specified in:
	// https://tools.ietf.org/html/rfc7009#section-2.1
	// If the token passed to the request
	// is an access token, the server MAY revoke the respective refresh
	// token as well.
	RevokeAccessToken(ctx context.Context, requestID string) error
}

TokenRevocationStorage provides the storage implementation as specified in: https://tools.ietf.org/html/rfc7009

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL