authenticator

package
v0.10.0-alpha.1-cloud Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 15, 2024 License: AGPL-3.0 Imports: 23 Imported by: 0

Documentation

Index

Constants

// Identifiers for the two login flows this package implements.
// NOTE(review): presumably these are the values accepted by the typeAuth
// parameter of NewAuthenticator — confirm against the implementation.
const (
	// PKCE names the flow implemented by PKCEAuthenticator.
	PKCE   = "pkce"
	// Device names the flow implemented by DeviceAuthenticator.
	Device = "device"
)
const (
	// ListenerAddress is the IPv4 loopback address.
	// NOTE(review): presumably the local listener that receives the PKCE
	// callback binds here. Binding to loopback instead of all interfaces keeps
	// the callback endpoint unreachable from other hosts — confirm where this
	// constant is used before relying on that.
	ListenerAddress = "127.0.0.1"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Authenticator

// Authenticator is the set of operations shared by the login flows in this
// package. DeviceAuthenticator and PKCEAuthenticator both declare all five
// methods with matching signatures.
type Authenticator interface {
	// GetAuthorization starts the flow and returns a flow-specific
	// authorization value. openURLFunc is handed a URL (presumably so the
	// caller can open it in a browser).
	// NOTE(review): the concrete type behind interface{} is not visible here;
	// states presumably carries OAuth state values — confirm how they are
	// generated and checked, since they should be unpredictable per request.
	GetAuthorization(ctx context.Context, openURLFunc func(URL string), states ...string) (interface{}, error)
	// GetToken exchanges an authorization value for a TokenResponse.
	// NOTE(review): authorization is presumably the value returned by
	// GetAuthorization — confirm the expected concrete type per flow.
	GetToken(ctx context.Context, authorization interface{}) (*TokenResponse, error)
	// GetUserInfo returns the user's profile for the given token.
	GetUserInfo(ctx context.Context, token string) (*UserInfoResponse, error)
	// Logout ends the session associated with token; openURLFunc is handed a
	// URL in the same way as in GetAuthorization.
	Logout(ctx context.Context, token string, openURLFunc func(URL string)) error
	// RefreshToken obtains a new TokenResponse from a refresh token.
	RefreshToken(ctx context.Context, refreshToken string) (*TokenResponse, error)
}

func NewAuthenticator

func NewAuthenticator(typeAuth string, client *http.Client, clientID string, authURL string) (Authenticator, error)

type AuthorizationResponse

// AuthorizationResponse pairs an authorization code with a callback URL.
// NOTE(review): presumably the PKCE flow's authorization result that is later
// passed to GetToken — confirm. Until it is exchanged, Code is credential
// material and should not be written to logs.
type AuthorizationResponse struct {
	CallbackURL string
	Code        string
}

type CallbackResponse

// CallbackResponse carries the outcome of the authorization callback.
type CallbackResponse struct {
	// Code is the code obtained from the authorization callback.
	Code  string
	// Error is set when the callback failed.
	Error error
}

CallbackResponse holds the code gotten from the authorization callback. Error will hold an error struct if an error occurred.

type CallbackService

// CallbackService handles the callback received in the PKCE flow. It exposes
// no exported fields.
type CallbackService struct {
	// contains filtered or unexported fields
}

CallbackService is used to handle the callback received in the PKCE flow

type Challenge

// Challenge holds the challenge and verification data needed for the PKCE flow.
// NOTE(review): the field meanings below are inferred from PKCE naming —
// confirm against the code that fills them in.
type Challenge struct {
	// Code is presumably the code_challenge sent with the authorization request.
	Code     string
	// Verifier is presumably the code_verifier. It is the secret half of the
	// pair: it should be freshly random per login and must stay on the client
	// until the token exchange, so keep it out of logs and URLs.
	Verifier string
	// Method is presumably the code_challenge_method.
	Method   string
}

Challenge holds challenge and verification data needed for the PKCE flow

type DeviceAuthenticator

// DeviceAuthenticator performs the authentication flow for logging in with the
// device flow. No client secret is among its exported fields.
type DeviceAuthenticator struct {
	// AuthURL is the parsed URL of the authorization server.
	// NOTE(review): presumably the base URL for all device-flow requests —
	// confirm that it is required to be https.
	AuthURL      *url.URL
	// AuthAudience is presumably the audience requested for the token — confirm.
	AuthAudience string
	// Clock is an injectable time source.
	Clock        clock.Clock
	// ClientID is the OAuth client identifier.
	ClientID     string
	// contains filtered or unexported fields
}

DeviceAuthenticator performs the authentication flow for logging in.

func (*DeviceAuthenticator) GetAuthorization

func (d *DeviceAuthenticator) GetAuthorization(ctx context.Context, openURLFunc func(URL string), states ...string) (interface{}, error)

GetAuthorization performs the device verification API calls.

func (*DeviceAuthenticator) GetToken

func (d *DeviceAuthenticator) GetToken(ctx context.Context, authorization interface{}) (*TokenResponse, error)

func (*DeviceAuthenticator) GetUserInfo

func (d *DeviceAuthenticator) GetUserInfo(ctx context.Context, token string) (*UserInfoResponse, error)

func (*DeviceAuthenticator) Logout

func (d *DeviceAuthenticator) Logout(ctx context.Context, token string, openURLFunc func(URL string)) error

func (*DeviceAuthenticator) RefreshToken

func (d *DeviceAuthenticator) RefreshToken(ctx context.Context, refreshToken string) (*TokenResponse, error)

RefreshToken: the device authenticator needs the clientSecret when refreshing the token, and the kbcli client does not hold it, so this method does not need to be implemented.

type DeviceCodeResponse

// DeviceCodeResponse is the JSON shape of a device authorization response.
// The tag names match the response fields defined in RFC 8628 section 3.2.
type DeviceCodeResponse struct {
	// DeviceCode is the code the client presents when polling for a token;
	// treat it as a credential and keep it out of logs.
	DeviceCode              string `json:"device_code"`
	// UserCode is the code shown to the user for entry at the verification URI.
	UserCode                string `json:"user_code"`
	VerificationURI         string `json:"verification_uri"`
	// VerificationCompleteURI is the verification URI with the user code embedded.
	VerificationCompleteURI string `json:"verification_uri_complete"`
	// ExpiresIn is the lifetime of the codes (seconds, per RFC 8628).
	ExpiresIn               int    `json:"expires_in"`
	// PollingInterval is the minimum wait between polls (seconds, per RFC 8628).
	PollingInterval         int    `json:"interval"`
}

type DeviceVerification

// DeviceVerification describes a pending device-flow authorization.
// NOTE(review): presumably built from a DeviceCodeResponse — confirm.
type DeviceVerification struct {
	// DeviceCode is the unique code for the device. When the user goes to the VerificationURL in their browser-based device, this code will be bound to their session.
	// It is not meant to be shown to the user; treat it as a credential.
	DeviceCode string
	// UserCode contains the code that should be input at the VerificationURL to authorize the device.
	UserCode string
	// VerificationURL contains the URL the user should visit to authorize the device.
	VerificationURL string
	// VerificationCompleteURL contains the complete URL the user should visit to authorize the device. This allows your app to embed the user_code in the URL, if you so choose.
	VerificationCompleteURL string
	// Interval indicates how often the app should poll the token URL to request a token.
	// It is a time.Duration, so it already carries its unit.
	Interval time.Duration
	// ExpiresAt is a point in time, not a count of seconds.
	// NOTE(review): presumably the moment the device_code and user_code stop being valid — confirm how it is computed.
	ExpiresAt time.Time
}

type ErrorResponse

// ErrorResponse is the JSON shape of an error returned by the authorization
// server. Both fields are server-supplied text.
// NOTE(review): treat Description as untrusted when printing it to a terminal
// or a log — confirm how Error() formats it.
type ErrorResponse struct {
	ErrorCode   string `json:"error"`
	Description string `json:"error_description"`
}

func (ErrorResponse) Error

func (e ErrorResponse) Error() string

type HTTPServer

// HTTPServer is an interface whose methods are all unexported, so its method
// set is not visible to code outside this package.
// NOTE(review): presumably an abstraction over the local callback server used
// by CallbackService — confirm.
type HTTPServer interface {
	// contains filtered or unexported methods
}

type OIDCWellKnownEndpoints

// OIDCWellKnownEndpoints holds two endpoint URLs, with JSON tags matching the
// field names used in an OpenID Connect discovery document.
// NOTE(review): if these values are fetched from the provider at runtime, the
// token endpoint decides where the authorization code and verifier are sent;
// the document should only be accepted over a certificate-verified TLS
// connection to the configured issuer — confirm how it is loaded.
type OIDCWellKnownEndpoints struct {
	AuthorizationEndpoint string `json:"authorization_endpoint"`
	TokenEndpoint         string `json:"token_endpoint"`
}

type PKCEAuthenticator

// PKCEAuthenticator implements the login flow selected by the PKCE constant.
type PKCEAuthenticator struct {
	// Clock is an injectable time source.
	Clock              clock.Clock
	// ClientID is the OAuth client identifier.
	ClientID           string
	// AuthURL is the authorization server URL, kept as a plain string here
	// (DeviceAuthenticator stores a parsed *url.URL instead).
	// NOTE(review): confirm it is validated and required to be https before use.
	AuthURL            string
	// AuthAudience is presumably the audience requested for the token — confirm.
	AuthAudience       string
	// Challenge is the PKCE challenge data for this login. The field is
	// exported, so any holder of the struct can read the verifier it contains.
	Challenge          Challenge
	// WellKnownEndpoints holds the authorization and token endpoint URLs.
	WellKnownEndpoints *OIDCWellKnownEndpoints
	// contains filtered or unexported fields
}

func (*PKCEAuthenticator) GetAuthorization

func (p *PKCEAuthenticator) GetAuthorization(ctx context.Context, openURLFunc func(URL string), states ...string) (interface{}, error)

func (*PKCEAuthenticator) GetToken

func (p *PKCEAuthenticator) GetToken(ctx context.Context, authorization interface{}) (*TokenResponse, error)

func (*PKCEAuthenticator) GetUserInfo

func (p *PKCEAuthenticator) GetUserInfo(ctx context.Context, token string) (*UserInfoResponse, error)

func (*PKCEAuthenticator) Logout

func (p *PKCEAuthenticator) Logout(ctx context.Context, token string, openURLFunc func(URL string)) error

func (*PKCEAuthenticator) RefreshToken

func (p *PKCEAuthenticator) RefreshToken(ctx context.Context, refreshToken string) (*TokenResponse, error)

type RefreshTokenResponse

// RefreshTokenResponse is the JSON shape of a token-refresh response. Unlike
// TokenResponse it has no refresh_token field.
// AccessToken and IDToken are credentials; keep them out of logs.
type RefreshTokenResponse struct {
	AccessToken string `json:"access_token"`
	// ExpiresIn is the access token lifetime.
	// NOTE(review): seconds, if the server follows the OAuth 2.0 convention — confirm.
	ExpiresIn   int    `json:"expires_in"`
	Scope       string `json:"scope"`
	IDToken     string `json:"id_token"`
	TokenType   string `json:"token_type"`
}

type TokenResponse

// TokenResponse is the JSON shape of a token response and the result type of
// GetToken and RefreshToken.
// All three token fields are credentials: avoid logging them, and store them
// with permissions that restrict access to the current user.
type TokenResponse struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`
	IDToken      string `json:"id_token"`
	// ExpiresIn is the access token lifetime.
	// NOTE(review): seconds, if the server follows the OAuth 2.0 convention — confirm.
	ExpiresIn    int    `json:"expires_in"`
}

type UserInfoResponse

// UserInfoResponse is the JSON shape of the user profile returned by
// GetUserInfo. Name and Email are personal data.
type UserInfoResponse struct {
	Name    string `json:"name"`
	Email   string `json:"email"`
	Locale  string `json:"locale"`
	// Subject is decoded from the "sub" field.
	// NOTE(review): presumably the provider's stable user identifier; prefer it
	// over Email when keying local state — confirm.
	Subject string `json:"sub"`
}
