oauthutil

package
v0.0.0-...-b4aeae5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 7, 2024 License: MIT Imports: 21 Imported by: 0

Documentation

Overview

Package oauthutil provides OAuth utilities.

Index

Constants

View Source
const (
	// TitleBarRedirectURL is the OAuth2 redirect URL to use when the authorization
	// code should be returned in the title bar of the browser, with the page text
	// prompting the user to copy the code and paste it in the application.
	TitleBarRedirectURL = "urn:ietf:wg:oauth:2.0:oob"

	// RedirectURL is redirect to local webserver when active
	RedirectURL = "http://" + bindAddress + "/"

	// RedirectPublicURL is redirect to local webserver when active with public name
	RedirectPublicURL = "http://localhost.rclone.org:" + bindPort + "/"

	// RedirectLocalhostURL is redirect to local webserver when active with localhost
	RedirectLocalhostURL = "http://localhost:" + bindPort + "/"

	// RedirectPublicSecureURL is a public https URL which
	// redirects to the local webserver
	RedirectPublicSecureURL = "https://oauth.rclone.org/"

	// DefaultAuthResponseTemplate is the default template used in the authorization webserver
	DefaultAuthResponseTemplate = `` /* 584-byte string literal not displayed */

)

Variables

View Source
var SharedOptions = []fs.Option{{
	Name:      config.ConfigClientID,
	Help:      "OAuth Client Id.\n\nLeave blank normally.",
	Sensitive: true,
}, {
	Name:      config.ConfigClientSecret,
	Help:      "OAuth Client Secret.\n\nLeave blank normally.",
	Sensitive: true,
}, {
	Name:      config.ConfigToken,
	Help:      "OAuth Access Token as a JSON blob.",
	Advanced:  true,
	Sensitive: true,
}, {
	Name:     config.ConfigAuthURL,
	Help:     "Auth server URL.\n\nLeave blank to use the provider defaults.",
	Advanced: true,
}, {
	Name:     config.ConfigTokenURL,
	Help:     "Token server url.\n\nLeave blank to use the provider defaults.",
	Advanced: true,
}, {
	Name:     config.ConfigDeviceURL,
	Help:     "Device grant server url.\n\nLeave blank to use the provider defaults.",
	Advanced: true,
}}

SharedOptions are shared between backends the utilize an OAuth flow

Functions

func ConfigOAuth

func ConfigOAuth(ctx context.Context, name string, m configmap.Mapper, ri *fs.RegInfo, in fs.ConfigIn) (*fs.ConfigOut, error)

ConfigOAuth does the oauth config specified in the config block

This is called with a state which has pushed on it

state prefixed with "*oauth"
state for oauth to return to
state that returned the OAuth when we wish to recall it
value that returned the OAuth

func ConfigOut

func ConfigOut(state string, oAuth *Options) (*fs.ConfigOut, error)

ConfigOut returns a config item suitable for the backend config

state is the place to return the config to oAuth is the config to run the oauth with

func Context

func Context(ctx context.Context, client *http.Client) context.Context

Context returns a context with our HTTP Client baked in for oauth2

func GetToken

func GetToken(name string, m configmap.Mapper) (*oauth2.Token, error)

GetToken returns the token saved in the config file under section name.

func PutToken

func PutToken(name string, m configmap.Mapper, token *oauth2.Token, newSection bool) error

PutToken stores the token in the config file

This saves the config file if it changes

Types

type AuthResult

type AuthResult struct {
	OK          bool // Failure or Success?
	Name        string
	Description string
	Code        string
	HelpURL     string
	Form        url.Values // the complete contents of the form
	Err         error      // any underlying error to report
}

AuthResult is returned from the web server after authorization success or failure

func (*AuthResult) Error

func (ar *AuthResult) Error() string

Error satisfies the error interface so AuthResult can be used as an error

type CheckAuthFn

type CheckAuthFn func(*oauth2.Config, *AuthResult) error

CheckAuthFn is called when a good Auth has been received

type Options

type Options struct {
	OAuth2Config    *oauth2.Config          // Basic config for oauth2
	NoOffline       bool                    // If set then "access_type=offline" parameter is not passed
	CheckAuth       CheckAuthFn             // When the AuthResult is known the checkAuth function is called if set
	OAuth2Opts      []oauth2.AuthCodeOption // extra oauth2 options
	StateBlankOK    bool                    // If set, state returned as "" is deemed to be OK
	DeviceGrantType string                  // If set, changes the default (rfc) grant type to the one specified
}

Options for the oauth config

type Renew

type Renew struct {
	// contains filtered or unexported fields
}

Renew allows tokens to be renewed on expiry if uploads are in progress.

func NewRenew

func NewRenew(name string, ts *TokenSource, run func() error) *Renew

NewRenew creates a new Renew struct and starts a background process which renews the token whenever it expires. It uses the run() call to run a transaction to do this.

It will only renew the token if the number of uploads > 0

func (*Renew) Expire

func (r *Renew) Expire() error

Expire expires the token source

func (*Renew) Invalidate

func (r *Renew) Invalidate()

Invalidate invalidates the token source

func (*Renew) Shutdown

func (r *Renew) Shutdown()

Shutdown stops the timer and no more renewal will take place.

func (*Renew) Start

func (r *Renew) Start()

Start should be called before starting an upload

func (*Renew) Stop

func (r *Renew) Stop()

Stop should be called after finishing an upload

type TokenSource

type TokenSource struct {
	// contains filtered or unexported fields
}

TokenSource stores updated tokens in the config file

func NewClient

func NewClient(ctx context.Context, name string, m configmap.Mapper, oauthConfig *oauth2.Config) (*http.Client, *TokenSource, error)

NewClient gets a token from the config file and configures a Client with it. It returns the client and a TokenSource which Invalidate may need to be called on

func NewClientWithBaseClient

func NewClientWithBaseClient(ctx context.Context, name string, m configmap.Mapper, config *oauth2.Config, baseClient *http.Client) (*http.Client, *TokenSource, error)

NewClientWithBaseClient gets a token from the config file and configures a Client with it. It returns the client and a TokenSource which Invalidate may need to be called on. It uses the httpClient passed in as the base client.

func (*TokenSource) Expire

func (ts *TokenSource) Expire() error

Expire marks the token as expired

This also marks the token in the config file as expired, if it is the same one

func (*TokenSource) Invalidate

func (ts *TokenSource) Invalidate()

Invalidate invalidates the token

func (*TokenSource) OnExpiry

func (ts *TokenSource) OnExpiry() <-chan time.Time

OnExpiry returns a channel which has the time written to it when the token expires. Note that there is only one channel so if attaching multiple go routines it will only signal to one of them.

func (*TokenSource) Token

func (ts *TokenSource) Token() (*oauth2.Token, error)

Token returns a token or an error. Token must be safe for concurrent use by multiple goroutines. The returned Token must not be modified.

This saves the token in the config file if it has changed

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL