auth

package
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 20, 2021 License: MIT Imports: 11 Imported by: 0

README

Auth package

The CLI authentication follows this approach:

  1. $ auth0 login uses Auth0 Device Flow to get an acccess token and a refresh token for the selected tenant.
  2. The access token is stored at the configuration file.
  3. The refresh token is stored at the OS keychain (supports macOS, Linux, and Windows thanks to https://github.com/zalando/go-keyring).
  4. During regular commands initialization, the access token is used to instantiate an Auth0 API client. - If the token is expired according to the value stored on the configuration file, a new one is requested using the refresh token. - In case of any error, the interactive login flow is triggered.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Authenticator

type Authenticator struct {
	Secrets SecretStore
}

func (*Authenticator) Start

func (a *Authenticator) Start(ctx context.Context) (State, error)

Start kicks-off the device authentication flow by requesting a device code from Auth0, The returned state contains the URI for the next step of the flow.

func (*Authenticator) Wait

func (a *Authenticator) Wait(ctx context.Context, state State) (Result, error)

Wait waits until the user is logged in on the browser.

type Keyring

type Keyring struct{}

func (*Keyring) Delete

func (k *Keyring) Delete(namespace, key string) error

Delete deletes a value for the given namespace and key.

func (*Keyring) Get

func (k *Keyring) Get(namespace, key string) (string, error)

Get gets a value for the given namespace and key.

func (*Keyring) Set

func (k *Keyring) Set(namespace, key, value string) error

Set sets the given key/value pair with the given namespace.

type Result

type Result struct {
	Tenant      string
	Domain      string
	AccessToken string
	ExpiresIn   int64
}

type SecretStore

type SecretStore interface {
	// Set sets the secret
	Set(namespace, key, value string) error
	// Get gets the secret
	Get(namespace, key string) (string, error)
	// Delete removes the secret
	Delete(namespace, key string) error
}

SecretStore provides secure storage for sensitive data

type State

type State struct {
	DeviceCode      string `json:"device_code"`
	UserCode        string `json:"user_code"`
	VerificationURI string `json:"verification_uri_complete"`
	ExpiresIn       int    `json:"expires_in"`
	Interval        int    `json:"interval"`
}

func (*State) IntervalDuration

func (s *State) IntervalDuration() time.Duration

type TokenResponse

type TokenResponse struct {
	AccessToken string `json:"access_token"`
	IDToken     string `json:"id_token"`
	TokenType   string `json:"token_type"`
	ExpiresIn   int    `json:"expires_in"`
}

type TokenRetriever

type TokenRetriever struct {
	Secrets SecretStore
	Client  *http.Client
}

func (*TokenRetriever) Delete

func (t *TokenRetriever) Delete(tenant string) error

Delete deletes the given tenant from the secrets storage.

func (*TokenRetriever) Refresh

func (t *TokenRetriever) Refresh(ctx context.Context, tenant string) (TokenResponse, error)

Refresh gets a new access token from the provided refresh token, The request is used the default client_id and endpoint for device authentication.

Directories

Path Synopsis
Package mock is a generated GoMock package.
Package mock is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL