handler

package
v0.0.0-...-09efcc3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 23, 2024 License: Apache-2.0 Imports: 50 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	CodeResponseTypeElement          = "code"
	NoneResponseTypeElement          = "none"
	TokenResponseTypeElement         = "token"
	SettingsActonResponseTypeElement = "urn:authgear:params:oauth:response-type:settings-action"
	// nolint:gosec
	PreAuthenticatedURLResponseTypeElement = "urn:authgear:params:oauth:response-type:pre-authenticated-url"
)
View Source 
const (
	AuthorizationCodeGrantType = "authorization_code"
	RefreshTokenGrantType      = "refresh_token"
	// nolint:gosec
	TokenExchangeGrantType = "urn:ietf:params:oauth:grant-type:token-exchange"

	AnonymousRequestGrantType = "urn:authgear:params:oauth:grant-type:anonymous-request"
	BiometricRequestGrantType = "urn:authgear:params:oauth:grant-type:biometric-request"
	App2AppRequestGrantType   = "urn:authgear:params:oauth:grant-type:app2app-request"
	// nolint:gosec
	IDTokenGrantType        = "urn:authgear:params:oauth:grant-type:id-token"
	SettingsActionGrantType = "urn:authgear:params:oauth:grant-type:settings-action"
)
View Source 
const (
	// nolint:gosec
	PreAuthenticatedURLTokenTokenType = "urn:authgear:params:oauth:token-type:pre-authenticated-url-token"
	// nolint:gosec
	IDTokenTokenType = "urn:ietf:params:oauth:token-type:id_token"
	// nolint:gosec
	DeviceSecretTokenType = "urn:x-oath:params:oauth:token-type:device-secret"
)
View Source 
const AppSessionTokenDuration = duration.Short
View Source 
const CodeGrantValidDuration = duration.Short
View Source 
const PromotionCodeDuration = duration.Short
View Source 
const SettingsActionGrantValidDuration = duration.Short

Variables

View Source 
var (
	CodeResponseType                     = protocol.NewResponseType([]string{CodeResponseTypeElement})
	NoneResponseType                     = protocol.NewResponseType([]string{NoneResponseTypeElement})
	TokenResponseType                    = protocol.NewResponseType([]string{TokenResponseTypeElement})
	SettingsActonResponseType            = protocol.NewResponseType([]string{SettingsActonResponseTypeElement})
	PreAuthenticatedURLTokenResponseType = protocol.NewResponseType([]string{PreAuthenticatedURLResponseTypeElement, TokenResponseTypeElement})
)
View Source 
var DependencySet = wire.NewSet(
	NewAuthorizationHandlerLogger,
	wire.Struct(new(AuthorizationHandler), "*"),
	NewTokenHandlerLogger,
	wire.Struct(new(TokenHandler), "*"),
	wire.Struct(new(RevokeHandler), "*"),
	NewAnonymousUserHandlerLogger,
	wire.Struct(new(AnonymousUserHandler), "*"),
	wire.Struct(new(TokenService), "*"),
	wire.Struct(new(CodeGrantService), "*"),
	wire.Struct(new(SettingsActionGrantService), "*"),
	wire.Struct(new(PreAuthenticatedURLTokenServiceImpl), "*"),
	wire.Bind(new(PreAuthenticatedURLTokenService), new(*PreAuthenticatedURLTokenServiceImpl)),
	wire.Struct(new(ProxyRedirectHandler), "*"),
	wire.Bind(new(TokenHandlerTokenService), new(*TokenService)),
)
View Source 
var ErrInvalidDPoPKeyBinding = protocol.NewError(dpop.InvalidDPoPProof, "Invalid DPoP key binding")
View Source 
var ErrInvalidRefreshToken = protocol.NewError("invalid_grant", "invalid refresh token")
View Source 
var ErrLoggedInAsNormalUser = apierrors.NewInvalid("user logged in as normal user")
View Source 
var ErrUnauthenticated = apierrors.NewUnauthorized("authentication required")

Functions

func IsConsentRequiredError 

func IsConsentRequiredError(err error) bool

Types

type AccessTokenIssuer 

type AccessTokenIssuer interface {
	EncodeAccessToken(ctx context.Context, client *config.OAuthClientConfig, clientLike *oauth.ClientLike, grant *oauth.AccessGrant, userID string, token string) (string, error)
}

type AnonymousIdentityProvider 

type AnonymousIdentityProvider interface {
	List(ctx context.Context, userID string) ([]*identity.Anonymous, error)
}

type AnonymousUserHandler 

type AnonymousUserHandler struct {
	AppID       config.AppID
	OAuthConfig *config.OAuthConfig
	Logger      AnonymousUserHandlerLogger

	Graphs              GraphService
	Authorizations      AuthorizationService
	Clock               clock.Clock
	TokenService        TokenService
	UserProvider        UserProvider
	AnonymousIdentities AnonymousIdentityProvider
	PromotionCodes      PromotionCodeStore
	OAuthClientResolver OAuthClientResolver
}

func (*AnonymousUserHandler) IssuePromotionCode 

func (h *AnonymousUserHandler) IssuePromotionCode(
	ctx context.Context,
	req *http.Request,
	sessionType WebSessionType,
	refreshToken string,
) (code string, codeObj *anonymous.PromotionCode, err error)

func (*AnonymousUserHandler) SignupAnonymousUser 

func (h *AnonymousUserHandler) SignupAnonymousUser(
	ctx context.Context,
	req *http.Request,
	clientID string,
	sessionType WebSessionType,
	refreshToken string,
) (*SignupAnonymousUserResult, error)

SignupAnonymousUser return token response or api errors

type AnonymousUserHandlerLogger 

type AnonymousUserHandlerLogger struct{ *log.Logger }

func NewAnonymousUserHandlerLogger 

func NewAnonymousUserHandlerLogger(lf *log.Factory) AnonymousUserHandlerLogger

type App2AppService 

type App2AppService interface {
	ParseTokenUnverified(requestJWT string) (t *app2app.Request, err error)
	ParseToken(requestJWT string, key jwk.Key) (*app2app.Request, error)
}

type AppSessionTokenService 

type AppSessionTokenService interface {
	Handle(ctx context.Context, input oauth.AppSessionTokenInput) (httputil.Result, error)
}

type AuthenticationInfoResolver 

type AuthenticationInfoResolver interface {
	GetAuthenticationInfoID(req *http.Request) (string, bool)
}

type AuthenticationInfoService 

type AuthenticationInfoService interface {
	Get(ctx context.Context, entryID string) (*authenticationinfo.Entry, error)
	Delete(ctx context.Context, entryID string) error
}

type AuthorizationHandler 

type AuthorizationHandler struct {
	AppID                 config.AppID
	Config                *config.OAuthConfig
	AccountDeletionConfig *config.AccountDeletionConfig
	HTTPConfig            *config.HTTPConfig
	HTTPProto             httputil.HTTPProto
	HTTPOrigin            httputil.HTTPOrigin
	AppDomains            config.AppDomains
	Logger                AuthorizationHandlerLogger

	UIURLBuilder                    UIURLBuilder
	UIInfoResolver                  UIInfoResolver
	AuthenticationInfoResolver      AuthenticationInfoResolver
	Authorizations                  AuthorizationService
	ValidateScopes                  ScopesValidator
	AppSessionTokenService          AppSessionTokenService
	AuthenticationInfoService       AuthenticationInfoService
	Clock                           clock.Clock
	Cookies                         CookieManager
	OAuthSessionService             OAuthSessionService
	CodeGrantService                CodeGrantService
	SettingsActionGrantService      SettingsActionGrantService
	ClientResolver                  OAuthClientResolver
	PreAuthenticatedURLTokenService PreAuthenticatedURLTokenService
	IDTokenIssuer                   IDTokenIssuer
}

func (*AuthorizationHandler) Handle 

func (h *AuthorizationHandler) Handle(ctx context.Context, r protocol.AuthorizationRequest) httputil.Result

func (*AuthorizationHandler) HandleConsentWithUserCancel 

func (h *AuthorizationHandler) HandleConsentWithUserCancel(ctx context.Context, req *http.Request) httputil.Result

func (*AuthorizationHandler) HandleConsentWithUserConsent 

func (h *AuthorizationHandler) HandleConsentWithUserConsent(ctx context.Context, req *http.Request) httputil.Result

func (*AuthorizationHandler) HandleConsentWithoutUserConsent 

func (h *AuthorizationHandler) HandleConsentWithoutUserConsent(ctx context.Context, req *http.Request) (httputil.Result, *ConsentRequired)

type AuthorizationHandlerLogger 

type AuthorizationHandlerLogger struct{ *log.Logger }

func NewAuthorizationHandlerLogger 

func NewAuthorizationHandlerLogger(lf *log.Factory) AuthorizationHandlerLogger

type AuthorizationService 

type AuthorizationService interface {
	GetByID(ctx context.Context, id string) (*oauth.Authorization, error)
	CheckAndGrant(
		ctx context.Context,
		clientID string,
		userID string,
		scopes []string,
	) (*oauth.Authorization, error)
	Check(
		ctx context.Context,
		clientID string,
		userID string,
		scopes []string,
	) (*oauth.Authorization, error)
}

type ChallengeProvider 

type ChallengeProvider interface {
	Consume(ctx context.Context, token string) (*challenge.Purpose, error)
}

type CodeGrantService 

type CodeGrantService struct {
	AppID         config.AppID
	CodeGenerator TokenGenerator
	Clock         clock.Clock

	CodeGrants oauth.CodeGrantStore
}

func (*CodeGrantService) CreateCodeGrant 

func (s *CodeGrantService) CreateCodeGrant(ctx context.Context, opts *CreateCodeGrantOptions) (code string, grant *oauth.CodeGrant, err error)

type ConsentRequired 

type ConsentRequired struct {
	UserID string
	Scopes []string
	Client *config.OAuthClientConfig
}

type CookieManager 

type CookieManager interface {
	GetCookie(r *http.Request, def *httputil.CookieDef) (*http.Cookie, error)
	ValueCookie(def *httputil.CookieDef, value string) *http.Cookie
	ClearCookie(def *httputil.CookieDef) *http.Cookie
}

type CookiesGetter 

type CookiesGetter interface {
	GetCookies() []*http.Cookie
}

type CreateCodeGrantOptions 

type CreateCodeGrantOptions struct {
	Authorization        *oauth.Authorization
	SessionType          session.Type
	SessionID            string
	AuthenticationInfo   authenticationinfo.T
	IDTokenHintSID       string
	RedirectURI          string
	AuthorizationRequest protocol.AuthorizationRequest
	DPoPJKT              string
}

type CreateSettingsActionGrantOptions 

type CreateSettingsActionGrantOptions struct {
	RedirectURI          string
	AuthorizationRequest protocol.AuthorizationRequest
}

type EventService 

type EventService interface {
	DispatchEventOnCommit(ctx context.Context, payload event.Payload) error
}

type GraphService 

type GraphService interface {
	NewGraph(ctx context.Context, interactionCtx *interaction.Context, intent interaction.Intent) (*interaction.Graph, error)
	DryRun(ctx context.Context, contextValue interaction.ContextValues, fn func(ctx context.Context, interactionCtx *interaction.Context) (*interaction.Graph, error)) error
	Run(ctx context.Context, contextValue interaction.ContextValues, graph *interaction.Graph) error
	Accept(ctx context.Context, interactionCtx *interaction.Context, graph *interaction.Graph, input interface{}) (*interaction.Graph, []interaction.Edge, error)
}

type IDTokenIssuer 

type IDTokenIssuer interface {
	Iss() string
	IssueIDToken(ctx context.Context, opts oidc.IssueIDTokenOptions) (token string, err error)
	VerifyIDToken(idToken string) (token jwt.Token, err error)
}

type IssueOfflineGrantOptions 

type IssueOfflineGrantOptions struct {
	AuthenticationInfo authenticationinfo.T
	Scopes             []string
	AuthorizationID    string
	IDPSessionID       string
	DeviceInfo         map[string]interface{}
	IdentityID         string
	SSOEnabled         bool
	App2AppDeviceKey   jwk.Key
	IssueDeviceSecret  bool
	DPoPJKT            string
}

type IssueOfflineGrantRefreshTokenOptions 

type IssueOfflineGrantRefreshTokenOptions struct {
	Scopes          []string
	AuthorizationID string
	DPoPJKT         string
}

type IssuePreAuthenticatedURLTokenOptions 

type IssuePreAuthenticatedURLTokenOptions struct {
	AppID           string
	ClientID        string
	OfflineGrantID  string
	AuthorizationID string
	Scopes          []string
}

type IssuePreAuthenticatedURLTokenResult 

type IssuePreAuthenticatedURLTokenResult struct {
	Token     string
	TokenHash string
	TokenType string
	ExpiresIn int
}

type OAuthClientResolver 

type OAuthClientResolver interface {
	ResolveClient(clientID string) *config.OAuthClientConfig
}

type OAuthSessionService 

type OAuthSessionService interface {
	Save(ctx context.Context, entry *oauthsession.Entry) (err error)
	Get(ctx context.Context, entryID string) (*oauthsession.Entry, error)
	Delete(ctx context.Context, entryID string) error
}

type PreAuthenticatedURLTokenService 

type PreAuthenticatedURLTokenService interface {
	IssuePreAuthenticatedURLToken(
		ctx context.Context,
		options *IssuePreAuthenticatedURLTokenOptions,
	) (*IssuePreAuthenticatedURLTokenResult, error)
	ExchangeForAccessToken(
		ctx context.Context,
		client *config.OAuthClientConfig,
		sessionID string,
		token string,
	) (string, error)
}

type PreAuthenticatedURLTokenServiceImpl 

type PreAuthenticatedURLTokenServiceImpl struct {
	Clock clock.Clock

	PreAuthenticatedURLTokens oauth.PreAuthenticatedURLTokenStore
	AccessGrantService        oauth.PreAuthenticatedURLTokenAccessGrantService
	OfflineGrantService       oauth.PreAuthenticatedURLTokenOfflineGrantService
}

func (*PreAuthenticatedURLTokenServiceImpl) ExchangeForAccessToken 

func (s *PreAuthenticatedURLTokenServiceImpl) ExchangeForAccessToken(
	ctx context.Context,
	client *config.OAuthClientConfig,
	sessionID string,
	token string,
) (string, error)

func (*PreAuthenticatedURLTokenServiceImpl) IssuePreAuthenticatedURLToken 

func (s *PreAuthenticatedURLTokenServiceImpl) IssuePreAuthenticatedURLToken(
	ctx context.Context,
	options *IssuePreAuthenticatedURLTokenOptions,
) (*IssuePreAuthenticatedURLTokenResult, error)

type PromotionCodeStore 

type PromotionCodeStore interface {
	CreatePromotionCode(ctx context.Context, code *anonymous.PromotionCode) error
}

type ProxyRedirectHandler 

type ProxyRedirectHandler struct {
	OAuthConfig *config.OAuthConfig
	HTTPOrigin  httputil.HTTPOrigin
	HTTPProto   httputil.HTTPProto
	AppDomains  config.AppDomains
}

func (*ProxyRedirectHandler) Validate 

func (h *ProxyRedirectHandler) Validate(redirectURIWithQuery string) error

type RevokeHandler 

type RevokeHandler struct {
	SessionManager      SessionManager
	OfflineGrantService RevokeHandlerOfflineGrantService
	AccessGrants        RevokeHandlerAccessGrantStore
}

func (*RevokeHandler) Handle 

func (h *RevokeHandler) Handle(ctx context.Context, r protocol.RevokeRequest) error

type RevokeHandlerAccessGrantStore 

type RevokeHandlerAccessGrantStore interface {
	GetAccessGrant(ctx context.Context, tokenHash string) (*oauth.AccessGrant, error)
	DeleteAccessGrant(ctx context.Context, g *oauth.AccessGrant) error
}

type RevokeHandlerOfflineGrantService 

type RevokeHandlerOfflineGrantService interface {
	GetOfflineGrant(ctx context.Context, id string) (*oauth.OfflineGrant, error)
}

type ScopesValidator 

type ScopesValidator func(client *config.OAuthClientConfig, scopes []string) error

type SessionManager 

type SessionManager interface {
	RevokeWithEvent(ctx context.Context, session session.SessionBase, isTermination bool, isAdminAPI bool) error
	RevokeWithoutEvent(ctx context.Context, session session.SessionBase) error
}

type SettingsActionGrantService 

type SettingsActionGrantService struct {
	AppID         config.AppID
	CodeGenerator TokenGenerator
	Clock         clock.Clock

	SettingsActionGrants oauth.SettingsActionGrantStore
}

func (*SettingsActionGrantService) CreateSettingsActionGrant 

func (s *SettingsActionGrantService) CreateSettingsActionGrant(ctx context.Context, opts *CreateSettingsActionGrantOptions) (code string, grant *oauth.SettingsActionGrant, err error)

type SignupAnonymousUserResult 

type SignupAnonymousUserResult struct {
	TokenResponse interface{}
	Cookies       []*http.Cookie
}

type TokenGenerator 

type TokenGenerator func() string

type TokenHandler 

type TokenHandler struct {
	AppID                  config.AppID
	AppDomains             config.AppDomains
	HTTPProto              httputil.HTTPProto
	HTTPOrigin             httputil.HTTPOrigin
	OAuthFeatureConfig     *config.OAuthFeatureConfig
	IdentityFeatureConfig  *config.IdentityFeatureConfig
	OAuthClientCredentials *config.OAuthClientCredentials
	Logger                 TokenHandlerLogger

	Authorizations                  AuthorizationService
	CodeGrants                      TokenHandlerCodeGrantStore
	SettingsActionGrantStore        TokenHandlerSettingsActionGrantStore
	IDPSessions                     TokenHandlerIDPSessionProvider
	OfflineGrants                   TokenHandlerOfflineGrantStore
	AppSessionTokens                TokenHandlerAppSessionTokenStore
	OfflineGrantService             TokenHandlerOfflineGrantService
	PreAuthenticatedURLTokenService PreAuthenticatedURLTokenService
	Graphs                          GraphService
	IDTokenIssuer                   IDTokenIssuer
	Clock                           clock.Clock
	TokenService                    TokenHandlerTokenService
	Events                          EventService
	SessionManager                  SessionManager
	App2App                         App2AppService
	Challenges                      ChallengeProvider
	CodeGrantService                CodeGrantService
	ClientResolver                  OAuthClientResolver
	UIInfoResolver                  UIInfoResolver

	RemoteIP        httputil.RemoteIP
	UserAgentString httputil.UserAgentString
	ValidateScopes  ScopesValidator
}

func (*TokenHandler) Handle 

func (h *TokenHandler) Handle(ctx context.Context, rw http.ResponseWriter, req *http.Request, r protocol.TokenRequest) httputil.Result

func (*TokenHandler) IssueAppSessionToken 

func (h *TokenHandler) IssueAppSessionToken(ctx context.Context, refreshToken string) (string, *oauth.AppSessionToken, error)

func (*TokenHandler) IssueTokensForAuthorizationCode 

func (h *TokenHandler) IssueTokensForAuthorizationCode(
	ctx context.Context,
	client *config.OAuthClientConfig,
	r protocol.TokenRequest,
) (protocol.TokenResponse, error)

nolint:gocognit

func (*TokenHandler) IssueTokensForSettingsActionCode 

func (h *TokenHandler) IssueTokensForSettingsActionCode(
	ctx context.Context,
	client *config.OAuthClientConfig,
	r protocol.TokenRequest,
) (protocol.TokenResponse, error)

nolint:gocognit

type TokenHandlerAppSessionTokenStore 

type TokenHandlerAppSessionTokenStore interface {
	CreateAppSessionToken(ctx context.Context, t *oauth.AppSessionToken) error
}

type TokenHandlerCodeGrantStore 

type TokenHandlerCodeGrantStore interface {
	GetCodeGrant(ctx context.Context, codeHash string) (*oauth.CodeGrant, error)
	DeleteCodeGrant(ctx context.Context, g *oauth.CodeGrant) error
}

type TokenHandlerIDPSessionProvider 

type TokenHandlerIDPSessionProvider interface {
	Get(ctx context.Context, id string) (*idpsession.IDPSession, error)
}

type TokenHandlerLogger 

type TokenHandlerLogger struct{ *log.Logger }

func NewTokenHandlerLogger 

func NewTokenHandlerLogger(lf *log.Factory) TokenHandlerLogger

type TokenHandlerOfflineGrantService 

type TokenHandlerOfflineGrantService interface {
	AccessOfflineGrant(ctx context.Context, id string, accessEvent *access.Event, expireAt time.Time) (*oauth.OfflineGrant, error)
	GetOfflineGrant(ctx context.Context, id string) (*oauth.OfflineGrant, error)
}

type TokenHandlerOfflineGrantStore 

type TokenHandlerOfflineGrantStore interface {
	DeleteOfflineGrant(ctx context.Context, g *oauth.OfflineGrant) error

	UpdateOfflineGrantDeviceInfo(ctx context.Context, id string, deviceInfo map[string]interface{}, expireAt time.Time) (*oauth.OfflineGrant, error)
	UpdateOfflineGrantAuthenticatedAt(ctx context.Context, id string, authenticatedAt time.Time, expireAt time.Time) (*oauth.OfflineGrant, error)
	UpdateOfflineGrantApp2AppDeviceKey(ctx context.Context, id string, newKey string, expireAt time.Time) (*oauth.OfflineGrant, error)
	UpdateOfflineGrantDeviceSecretHash(
		ctx context.Context,
		grantID string,
		newDeviceSecretHash string,
		dpopJKT string,
		expireAt time.Time) (*oauth.OfflineGrant, error)

	ListOfflineGrants(ctx context.Context, userID string) ([]*oauth.OfflineGrant, error)
	ListClientOfflineGrants(ctx context.Context, clientID string, userID string) ([]*oauth.OfflineGrant, error)
}

type TokenHandlerSettingsActionGrantStore 

type TokenHandlerSettingsActionGrantStore interface {
	GetSettingsActionGrant(ctx context.Context, codeHash string) (*oauth.SettingsActionGrant, error)
	DeleteSettingsActionGrant(ctx context.Context, g *oauth.SettingsActionGrant) error
}

type TokenHandlerTokenService 

type TokenHandlerTokenService interface {
	ParseRefreshToken(ctx context.Context, token string) (authz *oauth.Authorization, offlineGrant *oauth.OfflineGrant, tokenHash string, err error)
	IssueAccessGrant(
		ctx context.Context,
		client *config.OAuthClientConfig,
		scopes []string,
		authzID string,
		userID string,
		sessionID string,
		sessionKind oauth.GrantSessionKind,
		refreshTokenHash string,
		resp protocol.TokenResponse,
	) error
	IssueOfflineGrant(
		ctx context.Context,
		client *config.OAuthClientConfig,
		opts IssueOfflineGrantOptions,
		resp protocol.TokenResponse,
	) (offlineGrant *oauth.OfflineGrant, tokenHash string, err error)
	IssueRefreshTokenForOfflineGrant(
		ctx context.Context,
		offlineGrantID string,
		client *config.OAuthClientConfig,
		opts IssueOfflineGrantRefreshTokenOptions,
		resp protocol.TokenResponse,
	) (offlineGrant *oauth.OfflineGrant, tokenHash string, err error)
	IssueDeviceSecret(ctx context.Context, resp protocol.TokenResponse) (deviceSecretHash string)
}

type TokenHandlerUserFacade 

type TokenHandlerUserFacade interface {
	GetRaw(ctx context.Context, id string) (*user.User, error)
}

type TokenService 

type TokenService struct {
	RemoteIP        httputil.RemoteIP
	UserAgentString httputil.UserAgentString
	AppID           config.AppID
	Config          *config.OAuthConfig

	Authorizations      oauth.AuthorizationStore
	OfflineGrants       oauth.OfflineGrantStore
	AccessGrants        oauth.AccessGrantStore
	OfflineGrantService oauth.OfflineGrantService
	AccessEvents        *access.EventProvider
	AccessTokenIssuer   AccessTokenIssuer
	GenerateToken       TokenGenerator
	Clock               clock.Clock
	Users               TokenHandlerUserFacade

	AccessGrantService oauth.AccessGrantService
}

func (*TokenService) IssueAccessGrant 

func (s *TokenService) IssueAccessGrant(
	ctx context.Context,
	client *config.OAuthClientConfig,
	scopes []string,
	authzID string,
	userID string,
	sessionID string,
	sessionKind oauth.GrantSessionKind,
	refreshTokenHash string,
	resp protocol.TokenResponse,
) error

func (*TokenService) IssueDeviceSecret 

func (s *TokenService) IssueDeviceSecret(ctx context.Context, resp protocol.TokenResponse) (deviceSecretHash string)

func (*TokenService) IssueOfflineGrant 

func (s *TokenService) IssueOfflineGrant(
	ctx context.Context,
	client *config.OAuthClientConfig,
	opts IssueOfflineGrantOptions,
	resp protocol.TokenResponse,
) (offlineGrant *oauth.OfflineGrant, tokenHash string, err error)

func (*TokenService) IssueRefreshTokenForOfflineGrant 

func (s *TokenService) IssueRefreshTokenForOfflineGrant(
	ctx context.Context,
	offlineGrantID string,
	client *config.OAuthClientConfig,
	opts IssueOfflineGrantRefreshTokenOptions,
	resp protocol.TokenResponse,
) (offlineGrant *oauth.OfflineGrant, tokenHash string, err error)

func (*TokenService) ParseRefreshToken 

func (s *TokenService) ParseRefreshToken(ctx context.Context, token string) (
	authz *oauth.Authorization, offlineGrant *oauth.OfflineGrant, tokenHash string, err error)

type UIInfoResolver 

type UIInfoResolver interface {
	ResolveForAuthorizationEndpoint(ctx context.Context, client *config.OAuthClientConfig, req protocol.AuthorizationRequest) (*oidc.UIInfo, *oidc.UIInfoByProduct, error)
}

type UIURLBuilder 

type UIURLBuilder interface {
	BuildAuthenticationURL(client *config.OAuthClientConfig, r protocol.AuthorizationRequest, e *oauthsession.Entry) (*url.URL, error)
	BuildSettingsActionURL(client *config.OAuthClientConfig, r protocol.AuthorizationRequest, e *oauthsession.Entry) (*url.URL, error)
}

type UserProvider 

type UserProvider interface {
	Get(ctx context.Context, id string, role accesscontrol.Role) (*model.User, error)
}

type WebSessionType 

type WebSessionType string
const (
	WebSessionTypeCookie       WebSessionType = "cookie"
	WebSessionTypeRefreshToken WebSessionType = "refresh_token"
)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.