Documentation ¶
Overview ¶
Package oauthutil provides OAuth utilities.
Index ¶
- Constants
- Variables
- func ConfigOAuth(ctx context.Context, name string, m configmap.Mapper, ri *fs.RegInfo, ...) (*fs.ConfigOut, error)
- func ConfigOut(state string, oAuth *Options) (*fs.ConfigOut, error)
- func Context(ctx context.Context, client *http.Client) context.Context
- func GetToken(name string, m configmap.Mapper) (*oauth2.Token, error)
- func PutToken(name string, m configmap.Mapper, token *oauth2.Token, newSection bool) error
- type AuthResult
- type CheckAuthFn
- type Options
- type Renew
- type TokenSource
Constants ¶
const ( // TitleBarRedirectURL is the OAuth2 redirect URL to use when the authorization // code should be returned in the title bar of the browser, with the page text // prompting the user to copy the code and paste it in the application. TitleBarRedirectURL = "urn:ietf:wg:oauth:2.0:oob" // RedirectURL is redirect to local webserver when active RedirectURL = "http://" + bindAddress + "/" // RedirectPublicURL is redirect to local webserver when active with public name RedirectPublicURL = "http://localhost.rclone.org:" + bindPort + "/" // RedirectLocalhostURL is redirect to local webserver when active with localhost RedirectLocalhostURL = "http://localhost:" + bindPort + "/" // RedirectPublicSecureURL is a public https URL which // redirects to the local webserver RedirectPublicSecureURL = "https://oauth.rclone.org/" // DefaultAuthResponseTemplate is the default template used in the authorization webserver DefaultAuthResponseTemplate = `` /* 584-byte string literal not displayed */ )
Variables ¶
config.ConfigClientID, Help: "OAuth Client Id.\n\nLeave blank normally.", Sensitive: true, }, { Name: config.ConfigClientSecret, Help: "OAuth Client Secret.\n\nLeave blank normally.", Sensitive: true, }, { Name: config.ConfigToken, Help: "OAuth Access Token as a JSON blob.", Advanced: true, Sensitive: true, }, { Name: config.ConfigAuthURL, Help: "Auth server URL.\n\nLeave blank to use the provider defaults.", Advanced: true, }, { Name: config.ConfigTokenURL, Help: "Token server url.\n\nLeave blank to use the provider defaults.", Advanced: true, }, { Name: config.ConfigDeviceURL, Help: "Device grant server url.\n\nLeave blank to use the provider defaults.", Advanced: true, }}Name:
SharedOptions are shared between backends the utilize an OAuth flow
Functions ¶
func ConfigOAuth ¶
func ConfigOAuth(ctx context.Context, name string, m configmap.Mapper, ri *fs.RegInfo, in fs.ConfigIn) (*fs.ConfigOut, error)
ConfigOAuth does the oauth config specified in the config block
This is called with a state which has pushed on it
state prefixed with "*oauth" state for oauth to return to state that returned the OAuth when we wish to recall it value that returned the OAuth
func ConfigOut ¶
ConfigOut returns a config item suitable for the backend config
state is the place to return the config to oAuth is the config to run the oauth with
Types ¶
type AuthResult ¶
type AuthResult struct { OK bool // Failure or Success? Name string Description string Code string HelpURL string Form url.Values // the complete contents of the form Err error // any underlying error to report }
AuthResult is returned from the web server after authorization success or failure
func (*AuthResult) Error ¶
func (ar *AuthResult) Error() string
Error satisfies the error interface so AuthResult can be used as an error
type CheckAuthFn ¶
type CheckAuthFn func(*oauth2.Config, *AuthResult) error
CheckAuthFn is called when a good Auth has been received
type Options ¶
type Options struct { OAuth2Config *oauth2.Config // Basic config for oauth2 NoOffline bool // If set then "access_type=offline" parameter is not passed CheckAuth CheckAuthFn // When the AuthResult is known the checkAuth function is called if set OAuth2Opts []oauth2.AuthCodeOption // extra oauth2 options StateBlankOK bool // If set, state returned as "" is deemed to be OK DeviceGrantType string // If set, changes the default (rfc) grant type to the one specified }
Options for the oauth config
type Renew ¶
type Renew struct {
// contains filtered or unexported fields
}
Renew allows tokens to be renewed on expiry if uploads are in progress.
func NewRenew ¶
func NewRenew(name string, ts *TokenSource, run func() error) *Renew
NewRenew creates a new Renew struct and starts a background process which renews the token whenever it expires. It uses the run() call to run a transaction to do this.
It will only renew the token if the number of uploads > 0
type TokenSource ¶
type TokenSource struct {
// contains filtered or unexported fields
}
TokenSource stores updated tokens in the config file
func NewClient ¶
func NewClient(ctx context.Context, name string, m configmap.Mapper, oauthConfig *oauth2.Config) (*http.Client, *TokenSource, error)
NewClient gets a token from the config file and configures a Client with it. It returns the client and a TokenSource which Invalidate may need to be called on
func NewClientWithBaseClient ¶
func NewClientWithBaseClient(ctx context.Context, name string, m configmap.Mapper, config *oauth2.Config, baseClient *http.Client) (*http.Client, *TokenSource, error)
NewClientWithBaseClient gets a token from the config file and configures a Client with it. It returns the client and a TokenSource which Invalidate may need to be called on. It uses the httpClient passed in as the base client.
func (*TokenSource) Expire ¶
func (ts *TokenSource) Expire() error
Expire marks the token as expired
This also marks the token in the config file as expired, if it is the same one
func (*TokenSource) Invalidate ¶
func (ts *TokenSource) Invalidate()
Invalidate invalidates the token
func (*TokenSource) OnExpiry ¶
func (ts *TokenSource) OnExpiry() <-chan time.Time
OnExpiry returns a channel which has the time written to it when the token expires. Note that there is only one channel so if attaching multiple go routines it will only signal to one of them.