auth

package
v0.11.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 18, 2021 License: MIT Imports: 11 Imported by: 0

README

Auth package

The CLI authentication follows this approach:

  1. $ auth0 login uses Auth0 Device Flow to get an acccess token and a refresh token for the selected tenant.
  2. The access token is stored at the configuration file.
  3. The refresh token is stored at the OS keychain (supports macOS, Linux, and Windows thanks to https://github.com/zalando/go-keyring).
  4. During regular commands initialization, the access token is used to instantiate an Auth0 API client. - If the token is expired according to the value stored on the configuration file, a new one is requested using the refresh token. - In case of any error, the interactive login flow is triggered.

Documentation

Index

Constants

View Source
const (

	// namespace used to set/get values from the keychain
	SecretsNamespace = "auth0-cli"
)

Variables

This section is empty.

Functions

func RequiredScopes added in v0.5.1

func RequiredScopes() []string

RequiredScopes returns the scopes used for login.

func RequiredScopesMin added in v0.8.1

func RequiredScopesMin() []string

RequiredScopesMin returns minimum scopes used for login in integration tests.

Types

type Authenticator

type Authenticator struct {
	Audience           string
	ClientID           string
	DeviceCodeEndpoint string
	OauthTokenEndpoint string
}

func (*Authenticator) Start

func (a *Authenticator) Start(ctx context.Context) (State, error)

Start kicks-off the device authentication flow by requesting a device code from Auth0, The returned state contains the URI for the next step of the flow.

func (*Authenticator) Wait

func (a *Authenticator) Wait(ctx context.Context, state State) (Result, error)

Wait waits until the user is logged in on the browser.

type Keyring

type Keyring struct{}

func (*Keyring) Delete

func (k *Keyring) Delete(namespace, key string) error

Delete deletes a value for the given namespace and key.

func (*Keyring) Get

func (k *Keyring) Get(namespace, key string) (string, error)

Get gets a value for the given namespace and key.

func (*Keyring) Set

func (k *Keyring) Set(namespace, key, value string) error

Set sets the given key/value pair with the given namespace.

type Result

type Result struct {
	Tenant       string
	Domain       string
	RefreshToken string
	AccessToken  string
	ExpiresIn    int64
}

type SecretStore

type SecretStore interface {
	// Get gets the secret
	Get(namespace, key string) (string, error)
	// Delete removes the secret
	Delete(namespace, key string) error
}

SecretStore provides access to stored sensitive data.

type State

type State struct {
	DeviceCode      string `json:"device_code"`
	UserCode        string `json:"user_code"`
	VerificationURI string `json:"verification_uri_complete"`
	ExpiresIn       int    `json:"expires_in"`
	Interval        int    `json:"interval"`
}

func (*State) IntervalDuration

func (s *State) IntervalDuration() time.Duration

type TokenResponse

type TokenResponse struct {
	AccessToken string `json:"access_token"`
	IDToken     string `json:"id_token"`
	TokenType   string `json:"token_type"`
	ExpiresIn   int    `json:"expires_in"`
}

type TokenRetriever

type TokenRetriever struct {
	Authenticator *Authenticator
	Secrets       SecretStore
	Client        *http.Client
}

func (*TokenRetriever) Delete

func (t *TokenRetriever) Delete(tenant string) error

Delete deletes the given tenant from the secrets storage.

func (*TokenRetriever) Refresh

func (t *TokenRetriever) Refresh(ctx context.Context, tenant string) (TokenResponse, error)

Refresh gets a new access token from the provided refresh token, The request is used the default client_id and endpoint for device authentication.

Directories

Path Synopsis
Package mock is a generated GoMock package.
Package mock is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL