authenticator

package
v0.8.0-alpha.9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 21, 2023 License: AGPL-3.0 Imports: 21 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	PKCE   = "pkce"
	Device = "device"
)
View Source 
const (
	ListenerAddress = "127.0.0.1"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Authenticator 

type Authenticator interface {
	GetAuthorization(ctx context.Context, openURLFunc func(URL string), states ...string) (interface{}, error)
	GetToken(ctx context.Context, authorization interface{}) (*TokenResponse, error)
	GetUserInfo(ctx context.Context, token string) (*UserInfoResponse, error)
	Logout(ctx context.Context, token string, openURLFunc func(URL string)) error
	RefreshToken(ctx context.Context, refreshToken string) (*TokenResponse, error)
}

func NewAuthenticator 

func NewAuthenticator(typeAuth string, client *http.Client, clientID string, authURL string) (Authenticator, error)

type AuthorizationResponse 

type AuthorizationResponse struct {
	CallbackURL string
	Code        string
}

type CallbackResponse 

type CallbackResponse struct {
	Code  string
	Error error
}

CallbackResponse holds the code gotten from the authorization callback. Error will hold an error struct if an error occurred.

type CallbackService 

type CallbackService struct {
	// contains filtered or unexported fields
}

CallbackService is used to handle the callback received in the PKCE flow

type Challenge 

type Challenge struct {
	Code     string
	Verifier string
	Method   string
}

Challenge holds challenge and verification data needed for the PKCE flow

type DeviceAuthenticator 

type DeviceAuthenticator struct {
	AuthURL      *url.URL
	AuthAudience string
	Clock        clock.Clock
	ClientID     string
	// contains filtered or unexported fields
}

DeviceAuthenticator performs the authentication flow for logging in.

func (*DeviceAuthenticator) GetAuthorization 

func (d *DeviceAuthenticator) GetAuthorization(ctx context.Context, openURLFunc func(URL string), states ...string) (interface{}, error)

GetAuthorization performs the device verification API calls.

func (*DeviceAuthenticator) GetToken 

func (d *DeviceAuthenticator) GetToken(ctx context.Context, authorization interface{}) (*TokenResponse, error)

func (*DeviceAuthenticator) GetUserInfo 

func (d *DeviceAuthenticator) GetUserInfo(ctx context.Context, token string) (*UserInfoResponse, error)

func (*DeviceAuthenticator) Logout 

func (d *DeviceAuthenticator) Logout(ctx context.Context, token string, openURLFunc func(URL string)) error

func (*DeviceAuthenticator) RefreshToken 

func (d *DeviceAuthenticator) RefreshToken(ctx context.Context, refreshToken string) (*TokenResponse, error)

RefreshToken The device authenticator needs the clientSecret when refreshing the token, and the kbcli client does not hold it, so this method does not need to be implemented.

type DeviceCodeResponse 

type DeviceCodeResponse struct {
	DeviceCode              string `json:"device_code"`
	UserCode                string `json:"user_code"`
	VerificationURI         string `json:"verification_uri"`
	VerificationCompleteURI string `json:"verification_uri_complete"`
	ExpiresIn               int    `json:"expires_in"`
	PollingInterval         int    `json:"interval"`
}

type DeviceVerification 

type DeviceVerification struct {
	// DeviceCode is the unique code for the device. When the user goes to the VerificationURL in their browser-based device, this code will be bound to their session.
	DeviceCode string
	// UserCode contains the code that should be input at the VerificationURL to authorize the device.
	UserCode string
	// VerificationURL contains the URL the user should visit to authorize the device.
	VerificationURL string
	// VerificationCompleteURL contains the complete URL the user should visit to authorize the device. This allows your app to embed the user_code in the URL, if you so choose.
	VerificationCompleteURL string
	// CheckInterval indicates the interval (in seconds) at which the app should poll the token URL to request a token.
	Interval time.Duration
	// ExpiresAt indicates the lifetime (in seconds) of the device_code and user_code.
	ExpiresAt time.Time
}

type ErrorResponse 

type ErrorResponse struct {
	ErrorCode   string `json:"error"`
	Description string `json:"error_description"`
}

func (ErrorResponse) Error 

func (e ErrorResponse) Error() string

type HTTPServer 

type HTTPServer interface {
	// contains filtered or unexported methods
}

type OIDCWellKnownEndpoints 

type OIDCWellKnownEndpoints struct {
	AuthorizationEndpoint string `json:"authorization_endpoint"`
	TokenEndpoint         string `json:"token_endpoint"`
}

type PKCEAuthenticator 

type PKCEAuthenticator struct {
	Clock              clock.Clock
	ClientID           string
	AuthURL            string
	AuthAudience       string
	Challenge          Challenge
	WellKnownEndpoints *OIDCWellKnownEndpoints
	// contains filtered or unexported fields
}

func (*PKCEAuthenticator) GetAuthorization 

func (p *PKCEAuthenticator) GetAuthorization(ctx context.Context, openURLFunc func(URL string), states ...string) (interface{}, error)

func (*PKCEAuthenticator) GetToken 

func (p *PKCEAuthenticator) GetToken(ctx context.Context, authorization interface{}) (*TokenResponse, error)

func (*PKCEAuthenticator) GetUserInfo 

func (p *PKCEAuthenticator) GetUserInfo(ctx context.Context, token string) (*UserInfoResponse, error)

func (*PKCEAuthenticator) Logout 

func (p *PKCEAuthenticator) Logout(ctx context.Context, token string, openURLFunc func(URL string)) error

func (*PKCEAuthenticator) RefreshToken 

func (p *PKCEAuthenticator) RefreshToken(ctx context.Context, refreshToken string) (*TokenResponse, error)

type RefreshTokenResponse 

type RefreshTokenResponse struct {
	AccessToken string `json:"access_token"`
	ExpiresIn   int    `json:"expires_in"`
	Scope       string `json:"scope"`
	IDToken     string `json:"id_token"`
	TokenType   string `json:"token_type"`
}

type TokenResponse 

type TokenResponse struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`
	IDToken      string `json:"id_token"`
	ExpiresIn    int    `json:"expires_in"`
}

type UserInfoResponse 

type UserInfoResponse struct {
	Name    string `json:"name"`
	Email   string `json:"email"`
	Locale  string `json:"locale"`
	Subject string `json:"sub"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.