Documentation
¶
Index ¶
- Constants
- type AccessToken
- type Address
- type ApiResponse
- type AuthorizationAction
- type AuthorizationFailAction
- type AuthorizationFailReason
- type AuthorizationFailRequest
- type AuthorizationFailResponse
- type AuthorizationIssueAction
- type AuthorizationIssueRequest
- type AuthorizationIssueResponse
- type AuthorizationRequest
- type AuthorizationResponse
- type AuthorizedClientListResponse
- type BackchannelAuthenticationAction
- type BackchannelAuthenticationCompleteAction
- type BackchannelAuthenticationCompleteRequest
- type BackchannelAuthenticationCompleteResponse
- type BackchannelAuthenticationCompleteResult
- type BackchannelAuthenticationFailAction
- type BackchannelAuthenticationFailReason
- type BackchannelAuthenticationFailRequest
- type BackchannelAuthenticationFailResponse
- type BackchannelAuthenticationIssueAction
- type BackchannelAuthenticationIssueRequest
- type BackchannelAuthenticationIssueResponse
- type BackchannelAuthenticationRequest
- type BackchannelAuthenticationResponse
- type Client
- type ClientAuthorizationDeleteRequest
- type ClientAuthorizationGetListRequest
- type ClientAuthorizationUpdateRequest
- type ClientExtension
- type ClientListResponse
- type ClientRegistrationAction
- type ClientRegistrationRequest
- type ClientRegistrationResponse
- type ClientSecretRefreshResponse
- type ClientSecretUpdateRequest
- type ClientSecretUpdateResponse
- type DeviceAuthorizationAction
- type DeviceAuthorizationRequest
- type DeviceAuthorizationResponse
- type DeviceCompleteAction
- type DeviceCompleteRequest
- type DeviceCompleteResponse
- type DeviceCompleteResult
- type DeviceVerificationAction
- type DeviceVerificationRequest
- type DeviceVerificationResponse
- type DynamicScope
- type GrantedScopesGetResponse
- type Hsk
- type HskAction
- type HskCreateRequest
- type HskListAction
- type HskListResponse
- type HskResponse
- type IntrospectionAction
- type IntrospectionRequest
- type IntrospectionResponse
- type JoseVerifyRequest
- type JoseVerifyResponse
- type NamedUri
- type Pair
- type Property
- type PushedAuthReqAction
- type PushedAuthReqRequest
- type PushedAuthReqResponse
- type RevocationAction
- type RevocationRequest
- type RevocationResponse
- type Scope
- type Service
- type ServiceListResponse
- type SnsCredentials
- type StandardIntrospectionAction
- type StandardIntrospectionRequest
- type StandardIntrospectionResponse
- type TaggedValue
- type TokenAction
- type TokenCreateAction
- type TokenCreateRequest
- type TokenCreateResponse
- type TokenFailAction
- type TokenFailReason
- type TokenFailRequest
- type TokenFailResponse
- type TokenInfo
- type TokenIssueAction
- type TokenIssueRequest
- type TokenIssueResponse
- type TokenListResponse
- type TokenRequest
- type TokenResponse
- type TokenUpdateAction
- type TokenUpdateRequest
- type TokenUpdateResponse
- type UserInfoAction
- type UserInfoIssueAction
- type UserInfoIssueRequest
- type UserInfoIssueResponse
- type UserInfoRequest
- type UserInfoResponse
Constants ¶
View Source
const ( AuthorizationAction_INTERNAL_SERVER_ERROR = AuthorizationAction(`INTERNAL_SERVER_ERROR`) AuthorizationAction_BAD_REQUEST = AuthorizationAction(`BAD_REQUEST`) AuthorizationAction_LOCATION = AuthorizationAction(`LOCATION`) AuthorizationAction_FORM = AuthorizationAction(`FORM`) AuthorizationAction_NO_INTERACTION = AuthorizationAction(`NO_INTERACTION`) AuthorizationAction_INTERACTION = AuthorizationAction(`INTERACTION`) )
View Source
const ( AuthorizationFailAction_INTERNAL_SERVER_ERROR = AuthorizationFailAction(`INTERNAL_SERVER_ERROR`) AuthorizationFailAction_BAD_REQUEST = AuthorizationFailAction(`BAD_REQUEST`) AuthorizationFailAction_LOCATION = AuthorizationFailAction(`LOCATION`) AuthorizationFailAction_FORM = AuthorizationFailAction(`FORM`) )
View Source
const ( // UNKNOWN // // Unknown reason. AuthorizationFailReason_UNKNOWN = AuthorizationFailReason(`UNKNOWN`) // NOT_LOGGED_IN // // The authorization request from the client application contained // `prompt=none`, but any end-user has not logged in. // // Using this reason will result in `error=login_required`. AuthorizationFailReason_NOT_LOGGED_IN = AuthorizationFailReason(`NOT_LOGGED_IN`) // MAX_AGE_NOT_SUPPORTED // // The authorization request from the client application contained // `max_age` parameter with a non-zero value or the client's // configuration has a non-zero value for `default_max_age` // configuration parameter, but the authorization server cannot // behave properly based on the max age value mainly because the // server does not manage authentication time of end-users. // // Using this reason will result in `error=login_required`. AuthorizationFailReason_MAX_AGE_NOT_SUPPORTED = AuthorizationFailReason(`MAX_AGE_NOT_SUPPORTED`) // EXCEEDS_MAX_AGE // // The authorization request from the client application contained // `prompt=none`, but the time specified by `max_age` request parameter // or by `default_max_age` configuration parameter has passed since the // time at which the end-user logged in. // // Using this reason will result in `error=login_required`. AuthorizationFailReason_EXCEEDS_MAX_AGE = AuthorizationFailReason(`EXCEEDS_MAX_AGE`) // DIFFERENT_SUBJECT // // The authorization request from the client application requested a // specific value for the `sub` claim, but the current end-user (in // the case of `prompt=none`) or the end-user after the authentication // is different from the specified value. // // Using this reason will result in `error=login_required`. AuthorizationFailReason_DIFFERENT_SUBJECT = AuthorizationFailReason(`DIFFERENT_SUBJECT`) // ACR_NOT_SATISFIED // // The authorization request from the client application contained the // `acr` claim in the `claims` request parameter and the claim was marked // as essential, but the ACR performed for the end-user does not match // any one of the requested ACRs. // // Using this reason will result in `error=login_required`. AuthorizationFailReason_ACR_NOT_SATISFIED = AuthorizationFailReason(`ACR_NOT_SATISFIED`) // DENINED // // The end-user denied the authorization request from the client application. // // Using this reason will result in `error=access_denied`. AuthorizationFailReason_DENIED = AuthorizationFailReason(`DENIED`) // SERVER_ERROR // // Server error. // // Using this reason will result in `error=server_error`. AuthorizationFailReason_SERVER_ERROR = AuthorizationFailReason(`SERVER_ERROR`) // NOT_AUTHENTICATED // // The end-user was not authenticated. // // Using this reason will result in `error=login_required`. AuthorizationFailReason_NOT_AUTHENTICATED = AuthorizationFailReason(`NOT_AUTHENTICATED`) // ACCOUNT_SELECTION_REQUIRED // // The authorization server cannot obtain an account selection choice // made by the end-user. // // Using this reason will result in `error=account_selection_required`. AuthorizationFailReason_ACCOUNT_SELECTION_REQUIRED = AuthorizationFailReason(`ACCOUNT_SELECTION_REQUIRED`) // CONSENT_REQUIRED // // The authorization server cannot obtain consent from the end-user. // // Using this reason will result in `error=consent_required`. AuthorizationFailReason_CONSENT_REQUIRED = AuthorizationFailReason(`CONSENT_REQUIRED`) // INTERACTION_REQUIRED // // The authorization server needs interaction with the end-user. // // Using this reason will result in `error=interaction_required`. AuthorizationFailReason_INTERACTION_REQUIRED = AuthorizationFailReason(`INTERACTION_REQUIRED`) // INVALID_TARGET // // The requested resource is invalid, missing, unknown, or malformed. // See RFC 8707 Resource Indicators for OAuth 2.0 for details. // // Using this reason will result in `error=invalid_target`. // // Since v1.1.0. AuthorizationFailReason_INVALID_TARGET = AuthorizationFailReason(`INVALID_TARGET`) )
View Source
const ( AuthorizationIssueAction_INTERNAL_SERVER_ERROR = AuthorizationIssueAction(`INTERNAL_SERVER_ERROR`) AuthorizationIssueAction_BAD_REQUEST = AuthorizationIssueAction(`BAD_REQUEST`) AuthorizationIssueAction_LOCATION = AuthorizationIssueAction(`LOCATION`) AuthorizationIssueAction_FORM = AuthorizationIssueAction(`FORM`) )
View Source
const ( BackchannelAuthenticationAction_BAD_REQUEST = BackchannelAuthenticationAction(`BAD_REQUEST`) BackchannelAuthenticationAction_UNAUTHORIZED = BackchannelAuthenticationAction(`UNAUTHORIZED`) BackchannelAuthenticationAction_INTERNAL_SERVER_ERROR = BackchannelAuthenticationAction(`INTERNAL_SERVER_ERROR`) BackchannelAuthenticationAction_USER_IDENTIFICATION = BackchannelAuthenticationAction(`USER_IDENTIFICATION`) )
View Source
const ( BackchannelAuthenticationCompleteAction_NOTIFICATION = BackchannelAuthenticationCompleteAction(`NOTIFICATION`) BackchannelAuthenticationCompleteAction_NO_ACTION = BackchannelAuthenticationCompleteAction(`NO_ACTION`) BackchannelAuthenticationCompleteAction_SERVER_ERROR = BackchannelAuthenticationCompleteAction(`SERVER_ERROR`) )
View Source
const ( BackchannelAuthenticationCompleteResult_AUTHORIZED = BackchannelAuthenticationCompleteResult(`AUTHORIZED`) BackchannelAuthenticationCompleteResult_ACCESS_DENIED = BackchannelAuthenticationCompleteResult(`DENIED`) BackchannelAuthenticationCompleteResult_TRANSACTION_FAILED = BackchannelAuthenticationCompleteResult(`TRANSACTION_FAILED`) )
View Source
const ( BackchannelAuthenticationFailAction_BAD_REQUEST = BackchannelAuthenticationFailAction(`BAD_REQUEST`) BackchannelAuthenticationFailAction_FORBIDDEN = BackchannelAuthenticationFailAction(`FORBIDDEN`) BackchannelAuthenticationFailAction_INTERNAL_SERVER_ERROR = BackchannelAuthenticationFailAction(`INTERNAL_SERVER_ERROR`) )
View Source
const ( BackchannelAuthenticationFailReason_EXPIRED_LOGIN_HINT_TOKEN = BackchannelAuthenticationFailReason(`EXPIRED_LOGIN_HINT_TOKEN`) BackchannelAuthenticationFailReason_UNKNOWN_USER_ID = BackchannelAuthenticationFailReason(`UNKNOWN_USER_ID`) BackchannelAuthenticationFailReason_UNAUTHORIZED_CLIENT = BackchannelAuthenticationFailReason(`UNAUTHORIZED_CLIENT`) BackchannelAuthenticationFailReason_MISSING_USER_CODE = BackchannelAuthenticationFailReason(`MISSING_USER_CODE`) BackchannelAuthenticationFailReason_INVALID_USER_CODE = BackchannelAuthenticationFailReason(`INVALID_USER_CODE`) BackchannelAuthenticationFailReason_INVALID_BINDING_MESSAGE = BackchannelAuthenticationFailReason(`INVALID_BINDING_MESSAGE`) BackchannelAuthenticationFailReason_INVALID_TARGET = BackchannelAuthenticationFailReason(`INVALID_TARGET`) BackchannelAuthenticationFailReason_ACCESS_DENIED = BackchannelAuthenticationFailReason(`ACCESS_DENIED`) BackchannelAuthenticationFailReason_SERVER_ERROR = BackchannelAuthenticationFailReason(`SERVER_ERROR`) )
View Source
const ( BackchannelAuthenticationIssueAction_OK = BackchannelAuthenticationIssueAction(`OK`) BackchannelAuthenticationIssueAction_INTERNAL_SERVER_ERROR = BackchannelAuthenticationIssueAction(`INTERNAL_SERVER_ERROR`) BackchannelAuthenticationIssueAction_INVALID_TICKET = BackchannelAuthenticationIssueAction(`INVALID_TICKET`) )
View Source
const ( ClientRegistrationAction_INTERNAL_SERVER_ERROR = ClientRegistrationAction(`INTERNAL_SERVER_ERROR`) ClientRegistrationAction_BAD_REQUEST = ClientRegistrationAction(`BAD_REQUEST`) ClientRegistrationAction_CREATED = ClientRegistrationAction(`CREATED`) ClientRegistrationAction_UPDATED = ClientRegistrationAction(`UPDATED`) ClientRegistrationAction_DELETED = ClientRegistrationAction(`DELETED`) ClientRegistrationAction_OK = ClientRegistrationAction(`OK`) )
View Source
const ( DeviceAuthorizationAction_OK = DeviceAuthorizationAction(`OK`) DeviceAuthorizationAction_BAD_REQUEST = DeviceAuthorizationAction(`BAD_REQUEST`) DeviceAuthorizationAction_UNAUTHORIZED = DeviceAuthorizationAction(`UNAUTHORIZED`) DeviceAuthorizationAction_INTERNAL_SERVER_ERROR = DeviceAuthorizationAction(`INTERNAL_SERVER_ERROR`) )
View Source
const ( DeviceCompleteAction_SUCCESS = DeviceCompleteAction(`SUCCESS`) DeviceCompleteAction_INVALID_REQUEST = DeviceCompleteAction(`INVALID_REQUEST`) DeviceCompleteAction_USER_CODE_EXPIRED = DeviceCompleteAction(`USER_CODE_EXPIRED`) DeviceCompleteAction_USER_CODE_NOT_EXIST = DeviceCompleteAction(`USER_CODE_NOT_EXIST`) DeviceCompleteAction_SERVER_ERROR = DeviceCompleteAction(`SERVER_ERROR`) )
View Source
const ( DeviceCompleteResult_AUTHORIZED = DeviceCompleteResult(`AUTHORIZED`) DeviceCompleteResult_ACCESS_DENIED = DeviceCompleteResult(`ACCESS_DENIED`) DeviceCompleteResult_TRANSACTION_FAILED = DeviceCompleteResult(`TRANSACTION_FAILED`) )
View Source
const ( DeviceVerificationAction_VALID = DeviceVerificationAction(`VALID`) DeviceVerificationAction_EXPIRED = DeviceVerificationAction(`EXPIRED`) DeviceVerificationAction_NOT_EXIST = DeviceVerificationAction(`NOT_EXIST`) DeviceVerificationAction_SERVER_ERROR = DeviceVerificationAction(`SERVER_ERROR`) )
View Source
const ( HskAction_SUCCESS = HskAction(`SUCCESS`) HskAction_INVALID_REQUEST = HskAction(`INVALID_REQUEST`) HskAction_SERVER_ERROR = HskAction(`SERVER_ERROR`) )
View Source
const ( HskListAction_SUCCESS = HskAction(`SUCCESS`) HskListAction_INVALID_REQUEST = HskAction(`INVALID_REQUEST`) HskListAction_NOT_FOUND = HskAction(`NOT_FOUND`) HskListAction_SERVER_ERROR = HskAction(`SERVER_ERROR`) )
View Source
const ( IntrospectionAction_INTERNAL_SERVER_ERROR = IntrospectionAction(`INTERNAL_SERVER_ERROR`) IntrospectionAction_BAD_REQUEST = IntrospectionAction(`BAD_REQUEST`) IntrospectionAction_UNAUTHORIZED = IntrospectionAction(`UNAUTHORIZED`) IntrospectionAction_FORBIDDEN = IntrospectionAction(`FORBIDDEN`) IntrospectionAction_OK = IntrospectionAction(`OK`) )
View Source
const ( PushedAuthReqAction_CREATED = PushedAuthReqAction(`CREATED`) PushedAuthReqAction_BAD_REQUEST = PushedAuthReqAction(`BAD_REQUEST`) PushedAuthReqAction_UNAUTHORIZED = PushedAuthReqAction(`UNAUTHORIZED`) PushedAuthReqAction_FORBIDDEN = PushedAuthReqAction(`FORBIDDEN`) PushedAuthReqAction_PAYLOAD_TOO_LARGE = PushedAuthReqAction(`PAYLOAD_TOO_LARGE`) PushedAuthReqAction_INTERNAL_SERVER_ERROR = PushedAuthReqAction(`INTERNAL_SERVER_ERROR`) )
View Source
const ( RevocationAction_INVALID_CLIENT = RevocationAction(`INVALID_CLIENT`) RevocationAction_INTERNAL_SERVER_ERROR = RevocationAction(`INTERNAL_SERVER_ERROR`) RevocationAction_BAD_REQUEST = RevocationAction(`BAD_REQUEST`) RevocationAction_OK = RevocationAction(`OK`) )
View Source
const ( StandardIntrospectionAction_INTERNAL_SERVER_ERROR = StandardIntrospectionAction(`INTERNAL_SERVER_ERROR`) StandardIntrospectionAction_BAD_REQUEST = StandardIntrospectionAction(`BAD_REQUEST`) StandardIntrospectionAction_OK = StandardIntrospectionAction(`OK`) )
View Source
const ( TokenAction_INVALID_CLIENT = TokenAction(`INVALID_CLIENT`) TokenAction_INTERNAL_SERVER_ERROR = TokenAction(`INTERNAL_SERVER_ERROR`) TokenAction_BAD_REQUEST = TokenAction(`BAD_REQUEST`) TokenAction_PASSWORD = TokenAction(`PASSWORD`) TokenAction_OK = TokenAction(`OK`) TokenAction_TOKEN_EXCHANGE = TokenAction(`TOKEN_EXCHANGE`) TokenAction_JWT_BEARER = TokenAction(`JWT_BEARER`) )
View Source
const ( TokenCreateAction_INTERNAL_SERVER_ERROR = TokenCreateAction(`INTERNAL_SERVER_ERROR`) TokenCreateAction_BAD_REQUEST = TokenCreateAction(`BAD_REQUEST`) TokenCreateAction_FORBIDDEN = TokenCreateAction(`FORBIDDEN`) TokenCreateAction_OK = TokenCreateAction(`OK`) )
View Source
const ( TokenFailAction_INTERNAL_SERVER_ERROR = TokenFailAction(`INTERNAL_SERVER_ERROR`) TokenFailAction_BAD_REQUEST = TokenFailAction(`BAD_REQUEST`) )
View Source
const ( TokenFailReason_UNKNOWN = TokenFailReason(`UNKNOWN`) TokenFailReason_INVALID_RESOURCE_OWNER_CREDENTIALS = TokenFailReason(`INVALID_RESOURCE_OWNER_CREDENTIALS`) TokenFailReason_INVALID_TARGET = TokenFailReason(`INVALID_TARGET`) )
View Source
const ( TokenIssueAction_INTERNAL_SERVER_ERROR = TokenIssueAction(`INTERNAL_SERVER_ERROR`) TokenIssueAction_OK = TokenIssueAction(`OK`) )
View Source
const ( TokenUpdateAction_INTERNAL_SERVER_ERROR = TokenUpdateAction(`INTERNAL_SERVER_ERROR`) TokenUpdateAction_BAD_REQUEST = TokenUpdateAction(`BAD_REQUEST`) TokenUpdateAction_FORBIDDEN = TokenUpdateAction(`FORBIDDEN`) TokenUpdateAction_NOT_FOUND = TokenUpdateAction(`NOT_FOUND`) TokenUpdateAction_OK = TokenUpdateAction(`OK`) )
View Source
const ( UserInfoAction_INTERNAL_SERVER_ERROR = UserInfoAction(`INTERNAL_SERVER_ERROR`) UserInfoAction_BAD_REQUEST = UserInfoAction(`BAD_REQUEST`) UserInfoAction_UNAUTHORIZED = UserInfoAction(`UNAUTHORIZED`) UserInfoAction_FORBIDDEN = UserInfoAction(`FORBIDDEN`) UserInfoAction_OK = UserInfoAction(`OK`) )
View Source
const ( UserInfoIssueAction_INTERNAL_SERVER_ERROR = UserInfoIssueAction(`INTERNAL_SERVER_ERROR`) UserInfoIssueAction_BAD_REQUEST = UserInfoIssueAction(`BAD_REQUEST`) UserInfoIssueAction_UNAUTHORIZED = UserInfoIssueAction(`UNAUTHORIZED`) UserInfoIssueAction_FORBIDDEN = UserInfoIssueAction(`FORBIDDEN`) UserInfoIssueAction_JSON = UserInfoIssueAction(`JSON`) UserInfoIssueAction_JWT = UserInfoIssueAction(`JWT`) )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccessToken ¶
type AccessToken struct {
//
AccessTokenHash string `json:"accessTokenHash,omitempty"`
//
RefresthTokenHash string `json:"refreshTokenHash,omitempty"`
//
ClientId uint64 `json:"clientId,omitempty"`
//
Subject string `json:"subject,omitempty"`
//
GrantType types.GrantType `json:"grantType,omitempty"`
//
Scopes []string `json:"scopes,omitempty"`
//
AccessTokenExpiresAt uint64 `json:"accessTokenExpiresAt,omitempty"`
//
RefreshTokenExpiresAt uint64 `json:"refreshTokenExpiresAt,omitempty"`
//
CreatedAt uint64 `json:"createdAt,omitempty"`
//
LastRefreshedAt uint64 `json:"lastRefreshedAt,omitempty"`
//
Properties []Property `json:"properties,omitempty"`
}
type Address ¶
type Address struct {
Formatted string `json:"formatted,omitempty"`
StreetAddress string `json:"street_address,omitempty"`
Locality string `json:"locality,omitempty"`
Region string `json:"region,omitempty"`
PostalCode string `json:"postal_code,omitempty"`
Country string `json:"country,omitempty"`
}
Address represents the address claim defined in OIDC Core, Section 5.1.1.
type ApiResponse ¶
type ApiResponse struct {
// The code of the result of an Authlete API call.
ResultCode string `json:"resultCode,omitempty"`
// The message of the result of an Authlete API call.
ResultMessage string `json:"resultMessage,omitempty"`
}
ApiResponse is the base class of classes that represent responses from Authlete APIs.
type AuthorizationAction ¶
type AuthorizationAction string
type AuthorizationFailAction ¶
type AuthorizationFailAction string
type AuthorizationFailReason ¶
type AuthorizationFailReason string
type AuthorizationFailRequest ¶
type AuthorizationFailRequest struct {
// The ticket issued by Authlete's /api/auth/authorization API.
Ticket string `json:"ticket,omitempty"`
// The reason of the failure of the authorization request.
Reason AuthorizationFailReason `json:"reason,omitempty"`
// The custom description about the authorization failure.
Description string `json:"description,omitempty"`
}
Request to Authlete's /api/auth/authorization/fail API.
type AuthorizationFailResponse ¶
type AuthorizationFailResponse struct {
ApiResponse
// The next action that the authorization server should take.
Action AuthorizationFailAction `json:"action,omitempty"`
// The response content which can be used to generated a response to the client.
ResponseContent string `json:"responseContent,omitempty"`
}
Response from Authlete's /api/auth/authorization/fail API.
type AuthorizationIssueAction ¶
type AuthorizationIssueAction string
type AuthorizationIssueRequest ¶
type AuthorizationIssueRequest struct {
// The ticket issued by Authlete's /api/auth/authorization API.
Ticket string `json:"ticket,omitempty"`
// The subject (unique identifier) of the user.
Subject string `json:"subject,omitempty"`
// The value of the `sub` claim in an ID token.
//
// When this property is empty, the value of Subject is used as
// the value of the `sub` claim.
Sub string `json:"sub,omitempty"`
// The time when the use was authenticated. (Seconds since epoch)
AuthTime uint64 `json:"authTime,omitempty"`
// The authentication context class reference.
Acr string `json:"acr,omitempty"`
// Claims in JSON format.
Claims string `json:"claims,omitempty"`
// Properties to associate with tokens.
Properties []Property `json:"properties,omitempty"`
// Scopes to associate with tokens.
//
// When this property is empty, the scopes specified in the original
// authorization request are used.
Scopes []string `json:"scopes,omitempty"`
// JSON that represents additional JWS header parameters for ID tokens
// that may be issued based on the authorization request.
//
// Since v1.1.0.
IdtHeaderParams string `json:"idtHeaderParams,omitempty"`
// Claims that the user has consented for the client application to know.
//
// Since v1.1.5.
ConsentedClaims []string `json:"consentedClaims,omitempty"`
// Claim key-value pairs that are used to compute values of transformed
// claims. The format is JSON.
//
// Since v1.1.5.
ClaimsForTx string `json:"claimsForTx,omitempty"`
// Verified claim key-value pairs that are used to compute values of
// transformed claims. The format of each element is JSON.
//
// Since v1.1.5.
VerifiedClaimsForTx []string `json:"verifiedClaimsForTx,omitempty"`
// Additional claims that are added to the payload part of the JWT
// access token.
//
// Since v1.1.5.
JwtAtClaims string `json:"jwtAtClaims,omitempty"`
// The representation of an access token that may be issued as a result
// of the Authlete API call.
//
// Since v1.1.5.
AccessToken string `json:"accessToken,omitempty"`
}
Request to Authlete's /api/auth/authorization/issue API.
type AuthorizationIssueResponse ¶
type AuthorizationIssueResponse struct {
ApiResponse
// The next action that the authorization server should take.
Action AuthorizationIssueAction `json:"action,omitempty"`
// The response content which can be used to generated a response to the client.
ResponseContent string `json:"responseContent,omitempty"`
// The issued access token.
//
// An access token is issued when the `response_type` request parameter of
// the authorization request includes `token`.
AccessToken string `json:"accessToken,omitempty"`
// The expiration date of the access token.
//
// The date in milliseconds since the Unix epoch at which the access token
// will expire.
AccessTokenExpiresAt uint64 `json:"accessTokenExpiresAt,omitempty"`
// The duration of the access token in seconds.
AccessTokenDuration uint64 `json:"accessTokenDuration,omitempty"`
// The issued ID token.
//
// An ID token is issued when the `response_type` request parameter of the
// authorization request includes `id_token`.
IdToken string `json:"idToken,omitempty"`
// The issued authorization code.
//
// An authorization code is issued when the `response_type` request parameter
// of the authorization request includes `code`.
AuthorizationCode string `json:"authorizationCode,omitempty"`
// The issued acces token in JWT format.
//
// If the authorization server is configued to issue JWT-based access tokens
// (= if Service.AccessTokenSignAlg returns a non-nil value), a JWT-based
// access token is issued along with the original random-string one.
JwtAcessToken string `json:"jwtAccessToken,omitempty"`
}
Response from Authlete's /api/auth/authorization/issue API.
type AuthorizationRequest ¶
type AuthorizationRequest struct {
// Request parameters to the authorization endpoint.
//
// The format is `application/x-www-form-urlencoded`.
Parameters string `json:"parameters"` // omitempty is not added intentionally.
}
type AuthorizationResponse ¶
type AuthorizationResponse struct {
ApiResponse
// The next action that the authorization server should take.
Action AuthorizationAction `json:"action,omitempty"`
//
Service Service `json:"service,omitempty"`
//
Client Client `json:"client,omitempty"`
//
Display types.Display `json:"display,omitempty"`
//
MaxAge uint32 `json:"maxAge,omitempty"`
//
Scopes []Scope `json:"scopes,omitempty"`
//
DynamicScopes []DynamicScope `json:"dynamicScopes,omitempty"`
//
UiLocales []string `json:"uiLocales,omitempty"`
//
ClaimsLocales []string `json:"claimsLocales,omitempty"`
//
Claims []string `json:"claims,omitempty"`
//
AcrEssential bool `json:"acrEssential,omitempty"`
//
ClientIdAliasUsed bool `json:"clientIdAliasUsed,omitempty"`
//
Acrs []string `json:"acrs,omitempty"`
//
Subject string `json:"subject,omitempty"`
//
LoginHint string `json:"loginHint,omitempty"`
//
Prompts []types.Prompt `json:"prompts,omitempty"`
//
RequestObjectPayload string `json:"requestObjectPayload,omitempty"`
//
IdTokenClaims string `json:"idTokenClaims,omitempty"`
//
UserInfoClaims string `json:"userInfoClaims,omitempty"`
//
Resources []string `json:"resources,omitempty"`
//
Purpose string `json:"purpose,omitempty"`
//
ResponseContent string `json:"responseContent,omitempty"`
//
Ticket string `json:"ticket,omitempty"`
}
type AuthorizedClientListResponse ¶
type AuthorizedClientListResponse struct {
ClientListResponse
Subject string `json:"subject,omitempty"`
}
type BackchannelAuthenticationAction ¶
type BackchannelAuthenticationAction string
type BackchannelAuthenticationCompleteAction ¶
type BackchannelAuthenticationCompleteAction string
type BackchannelAuthenticationCompleteRequest ¶
type BackchannelAuthenticationCompleteRequest struct {
//
Ticket string `json:"ticket,omitempty"`
//
Result BackchannelAuthenticationCompleteResult `json:"result,omitempty"`
//
Subject string `json:"subject,omitempty"`
//
Sub string `json:"sub,omitempty"`
//
AuthTime uint64 `json:"authTime,omitempty"`
//
Acr string `json:"acr,omitempty"`
//
Claims string `json:"claims,omitempty"`
//
Properties []Property `json:"properties,omitempty"`
//
Scopes []string `json:"scopes,omitempty"`
//
IdtHeaderParams string `json:"idtHeaderParams,omitempty"`
// Claims that the user has consented for the client application to know.
//
// Since v1.1.5.
ConsentedClaims []string `json:"consentedClaims,omitempty"`
// Additional claims that are added to the payload part of the JWT
// access token.
//
// Since v1.1.5.
JwtAtClaims string `json:"jwtAtClaims,omitempty"`
// The representation of an access token that may be issued as a result
// of the Authlete API call.
//
// Since v1.1.5.
AccessToken string `json:"accessToken,omitempty"`
//
ErrorDescription string `json:"errorDescription,omitempty"`
//
ErrorUri string `json:"errorUri,omitempty"`
}
type BackchannelAuthenticationCompleteResponse ¶
type BackchannelAuthenticationCompleteResponse struct {
ApiResponse
//
Action BackchannelAuthenticationCompleteAction `json:"action,omitempty"`
//
ResponseContent string `json:"responseContent,omitempty"`
//
ClientId uint64 `json:"clientId,omitempty"`
//
ClientIdAlias string `json:"clientIdAlias,omitempty"`
//
ClientName string `json:"clientName,omitempty"`
//
DeliveryMode types.DeliveryMode `json:"deliveryMode,omitempty"`
//
ClientNotificationEndpoint string `json:"clientNotificationEndpoint,omitempty"`
//
ClientNotificationToken string `json:"clientNotificationToken,omitempty"`
//
AuthReqId string `json:"authReqId,omitempty"`
//
AccessToken string `json:"accessToken,omitempty"`
//
RefreshToken string `json:"refreshToken,omitempty"`
//
IdToken string `json:"idToken,omitempty"`
//
AccessTokenDuration uint64 `json:"accessTokenDuration,omitempty"`
//
RefreshTokenDuration uint64 `json:"refreshTokenDuration,omitempty"`
//
IdTokenDuration uint64 `json:"idTokenDuration,omitempty"`
//
JwtAccessToken string `json:"jwtAccessToken,omitempty"`
//
Resources []string `json:"resources,omitempty"`
//
ServiceAttributes []Pair `json:"serviceAttributes,omitempty"`
//
ClientAttributes []Pair `json:"clientAttributes,omitempty"`
}
type BackchannelAuthenticationCompleteResult ¶
type BackchannelAuthenticationCompleteResult string
type BackchannelAuthenticationFailAction ¶
type BackchannelAuthenticationFailAction string
type BackchannelAuthenticationFailReason ¶
type BackchannelAuthenticationFailReason string
type BackchannelAuthenticationFailRequest ¶
type BackchannelAuthenticationFailRequest struct {
//
Ticket string `json:"ticket,omitempty"`
//
Reason BackchannelAuthenticationFailReason `json:"reason,omitempty"`
//
ErrorDescription string `json:"errorDescription,omitempty"`
//
ErrorUri string `json:"errorUri,omitempty"`
}
type BackchannelAuthenticationFailResponse ¶
type BackchannelAuthenticationFailResponse struct {
ApiResponse
//
Action BackchannelAuthenticationFailAction `json:"action,omitempty"`
//
ResponseContent string `json:"responseContent,omitempty"`
}
type BackchannelAuthenticationIssueAction ¶
type BackchannelAuthenticationIssueAction string
type BackchannelAuthenticationIssueRequest ¶
type BackchannelAuthenticationIssueRequest struct {
//
Ticket string `json:"ticket,omitempty"`
}
type BackchannelAuthenticationIssueResponse ¶
type BackchannelAuthenticationIssueResponse struct {
ApiResponse
//
Action BackchannelAuthenticationIssueAction `json:"action,omitempty"`
//
ResponseContent string `json:"responseContent,omitempty"`
//
AuthReqId string `json:"authReqId,omitempty"`
//
ExpiresIn uint32 `json:"expiresIn,omitempty"`
//
Interval uint32 `json:"interval,omitempty"`
}
type BackchannelAuthenticationRequest ¶
type BackchannelAuthenticationRequest struct {
//
Parameters string `json:"parameters"` // omitempty is not added intentionally.
//
ClientId string `json:"clientId,omitempty"`
//
ClientSecret string `json:"clientSecret,omitempty"`
//
ClientCertificate string `json:"clientCertificate,omitempty"`
//
ClientCertificatePath []string `json:"clientCertificatePath,omitempty"`
}
type BackchannelAuthenticationResponse ¶
type BackchannelAuthenticationResponse struct {
ApiResponse
//
Action BackchannelAuthenticationAction `json:"action,omitempty"`
//
ResponseContent string `json:"responseContent,omitempty"`
//
ClientId uint64 `json:"clientId,omitempty"`
//
ClientIdAlias string `json:"clientIdAlias,omitempty"`
//
ClientName string `json:"clientName,omitempty"`
//
ClientAuthMethod types.ClientAuthMethod `json:"clientAuthMethod,omitempty"`
//
DeliveryMode types.DeliveryMode `json:"deliveryMode,omitempty"`
//
Scopes []Scope `json:"scopes,omitempty"`
//
DynamicScopes []DynamicScope `json:"dynamicScopes,omitempty"`
//
ClaimNames []string `json:"claimNames,omitempty"`
//
ClientNotificationToken string `json:"clientNotificationToken,omitempty"`
//
Acrs []string `json:"acrs,omitempty"`
//
HintType types.UserIdentificationHintType `json:"hintType,omitempty"`
//
Hint string `json:"hint,omitempty"`
//
Sub string `json:"sub,omitempty"`
//
BindingMessage string `json:"bindingMessage,omitempty"`
//
UserCode string `json:"userCode,omitempty"`
//
UserCodeRequired bool `json:"userCodeRequired,omitempty"`
//
RequestedExpiry uint32 `json:"requestedExpiry,omitempty"`
//
RequestContext string `json:"requestContext,omitempty"`
//
Resources []string `json:"resources,omitempty"`
//
ServiceAttributes []Pair `json:"serviceAttributes,omitempty"`
//
ClientAttributes []Pair `json:"clientAttributes,omitempty"`
//
Warnings []string `json:"warnings,omitempty"`
//
Ticket string `json:"ticket,omitempty"`
}
type Client ¶
type Client struct {
// The developer of this client.
Developer string `json:"developer,omitempty"`
// The client ID
ClientId uint64 `json:"clientId,omitempty"`
// The alias of the client ID.
ClientIdAlias string `json:"clientIdAlias,omitempty"`
// The flag which indicates whether the feature of Clien ID Alias is enabled.
ClientIdAliasEnabled bool `json:"clientIdAliasEnabled,omitempty"`
// The client secret.
ClientSecret string `json:"clientSecret,omitempty"`
// The client type.
ClientType types.ClientType `json:"clientType,omitempty"`
// Redirect URIs.
RedirectUris []string `json:"redirectUris,omitempty"`
// Response types that this client declares it may use.
ResponseTypes []types.ResponseType `json:"responseTypes,omitempty"`
// Grant types that this client declares it may use.
GrantTypes []types.GrantType `json:"grantTypes,omitempty"`
// The application type.
ApplicationType types.ApplicationType `json:"applicationType,omitempty"`
// Email addresses of contacts.
Contacts []string `json:"contacts,omitempty"`
// The name of the client.
ClientName string `json:"clientName,omitempty"`
// Client names for various locales.
ClientNames []TaggedValue `json:"clientNames,omitempty"`
// The URL where the logo image is located.
LogoUri string `json:"logoUri,omitempty"`
// Logo URIs for various locales.
LogoUris []TaggedValue `json:"logoUris,omitempty"`
// The URL of the website for the client.
ClientUri string `json:"clientUri,omitempty"`
// Client URIs for various locales.
ClientUris []TaggedValue `json:"clientUris,omitempty"`
// The URL of the policy page.
PolicyUri string `json:"policyUri,omitempty"`
// Policy URIs for various locales.
PolicyUris []TaggedValue `json:"policyUris,omitempty"`
// The URL of the Terms Of Service page.
TosUri string `json:"tosUri,omitempty"`
// TOS URIs for various locales.
TosUris []TaggedValue `json:"tosUris,omitempty"`
// The URL of the JWK Set document.
JwksUri string `json:"jwksUri,omitempty"`
// The JWK Set document.
Jwks string `json:"jwks,omitempty"`
// Calculated sector identifier host component.
DerivedSectorIdentifier string `json:"derivedSectorIdentifier,omitempty"`
// The sector identifier URI.
SectorIdentifierUri string `json:"sectorIdentifierUri,omitempty"`
// The subject type.
SubjectType types.SubjectType `json:"subjectType,omitempty"`
// JWS 'alg' for ID tokens.
IdTokenSignAlg types.JWSAlg `json:"idTokenSignAlg,omitempty"`
// JWE 'alg' for ID tokens.
IdTokenEncryptionAlg types.JWEAlg `json:"idTokenEncryptionAlg,omitempty"`
// JWE 'enc' for ID tokens.
IdTokenEncryptionEnc types.JWEEnc `json:"idTokenEncryptionEnc,omitempty"`
// JWS 'alg' for userinfo responses.
UserInfoSignAlg types.JWSAlg `json:"userInfoSignAlg,omitempty"`
// JWE 'alg' for userinfo responses.
UserInfoEncryptionAlg types.JWEAlg `json:"userInfoEncryptionAlg,omitempty"`
// JWE 'enc' for userinfo responses.
UserInfoEncryptionEnc types.JWEEnc `json:"userInfoEncryptionEnc,omitempty"`
// JWS 'alg' for request objects.
RequestSignAlg types.JWSAlg `json:"requestSignAlg,omitempty"`
// JWE 'alg' for request objects.
RequestEncryptionAlg types.JWEAlg `json:"requestEncryptionAlg,omitempty"`
// JWE 'enc' for request objects.
RequestEncryptionEnc types.JWEEnc `json:"requestEncryptionEnc,omitempty"`
// Client authentication method at the token endpoint.
TokenAuthMethod types.ClientAuthMethod `json:"tokenAuthMethod,omitempty"`
// JWS 'alg' for client assertions at the token endpoint.
TokenAuthSignAlg types.JWSAlg `json:"tokenAuthSignAlg,omitempty"`
// The default max age.
DefaultMaxAge uint32 `json:"defaultMaxAge,omitempty"`
// Default ACR values.
DefaultAcrs []string `json:"defaultAcrs,omitempty"`
// The flag which indicates whether this client always requires `auth_time`.
AuthTimeRequired bool `json:"authTimeRequired,omitempty"`
// The URL that can initiate login for this client application.
LoginUri string `json:"loginUri,omitempty"`
// The request URIs that this client declares it may use.
RequestUris []string `json:"requestUris,omitempty"`
// The description about this client.
Description string `json:"description,omitempty"`
// Descriptions for various locales.
Descriptions []TaggedValue `json:"descriptions,omitempty"`
// The time at which this client was created. Milliseconds since the Unix epoch.
CreatedAt uint64 `json:"createdAt,omitempty"`
// The time at which this client was last modified. MIlliseconds since the Unix epoch.
ModifiedAt uint64 `json:"modifiedAt,omitempty"`
// The extended information about this client.
Extension ClientExtension `json:"extension,omitempty"`
// The subject distinguished name of the certificate this client will use in MTLS.
TlsClientAuthSubjectDn string `json:"tlsClientAuthSubjectDn,omitempty"`
// The DNS subject alternative name of the certificate this client will use in MTLS.
TlsClientAuthSanDns string `json:"tlsClientAuthSanDns,omitempty"`
// The URI subject alternative name of the certificate this client will use in MTLS.
TlsClientAuthSanUri string `json:"tlsClientAuthSanUri,omitempty"`
// The IP address subject alternative name of the certificate this client will use in MTLS.
TlsClientAuthSanIp string `json:"tlsClientAuthSanIp,omitempty"`
// The email subject alternative name of the certificate this client will use in MTLS.
TlsClientAuthSanEmail string `json:"tlsClientAuthSanEmail,omitempty"`
// The flag which indicates whether certificate binding is enabled.
TlsClientCertificateBoundAccessTokens bool `json:"tlsClientCertificateBoundAccessTokens,omitempty"`
// The key ID of the JWK that represents a self-signed certificate used for client authentication.
SelfSignedCertificateKeyId string `json:"selfSignedCertificateKeyId,omitempty"`
// The software ID.
SoftwareId string `json:"softwareId,omitempty"`
// The software version
SoftwareVersion string `json:"softwareVersion,omitempty"`
// JWS 'alg' for authorization responses in JWT format (JARM).
AuthorizationSignAlg types.JWSAlg `json:"authorizationSignAlg,omitempty"`
// JWE 'alg' for authorization responses in JWT format (JARM).
AuthorizationEncryptionAlg types.JWEAlg `json:"authorizationEncryptionAlg,omitempty"`
// JWE 'enc' for authorization responses in JWT format (JARM).
AuthorizationEncryptionEnc types.JWEEnc `json:"authorizationEncryptionEnc,omitempty"`
// Backchannel token delivery mode.
BcDeliveryMode types.DeliveryMode `json:"bcDeliveryMode,omitempty"`
// Backchannel client notification endpoint.
BcNotificationEndpoint string `json:"bcNotificationEndpoint,omitempty"`
// JWS 'alg' for backchannel authentication request in JWT format.
BcRequestSignAlg types.JWSAlg `json:"bcRequestSignAlg,omitempty"`
// The flag which indicates whether user_code is required in backchannel authentication request.
BcUserCodeRequired bool `json:"bcUserCodeRequired,omitempty"`
// The flag which indicates whether this client has been registered dynamically.
DynamicallyRegistered bool `json:"dynamicallyRegistered,omitempty"`
// The hash of the registration access token.
RegistrationAccessTokenHash string `json:"registrationAccessTokenHash,omitempty"`
// The data types that this client may use as values of the `type` field
// in `authorization_details`.
AuthorizationDetailsTypes []string `json:"authorizationDetailsTypes,omitempty"`
// The flag which indicates whether this client is required to use PAR
// (OAuth 2.0 Pushed Authorization Requests).
ParRequired bool `json:"parRequired,omitempty"`
// The flag which indicates whether authorization requests from this client
// are always required to utilize a request object by using either `request`
// or `request_uri` request parameter.
RequestObjectRequired bool `json:"requestObjectRequired,omitempty"`
// Arbitrary attributes associated with this client.
Attributes []Pair `json:"attributes,omitempty"`
// Custom metadata supported by this client.
CustomMetadata string `json:"customMetadata,omitempty"`
// The flag which indicates whether encryption of request object is required
// when the request object is passed through the front channel.
FrontChannelRequestObjectEncryptionRequired bool `json:"frontChannelRequestObjectEncryptionRequired,omitempty"`
// The flag which indicates whether the JWE alg of encrypted request
// object must match the value of the request_object_encryption_alg client metadata.
RequestObjectEncryptionAlgMatchRequired bool `json:"requestObjectEncryptionAlgMatchRequired,omitempty"`
// The flag which indicates whether the JWE enc of encrypted request
// object must match the value of the request_object_encryption_enc client metadata.
RequestObjectEncryptionEncMatchRequired bool `json:"requestObjectEncryptionEncMatchRequired,omitempty"`
// The flag which indicates whether code_challenge is required in authorization request.
PkceRequired bool `json:"pkceRequired,omitempty"`
// The flag which indicates whether code_challenge_method=S256 is required in authorization request.
PkceS256Required bool `json:"pkceS256Required,omitempty"`
}
type ClientAuthorizationDeleteRequest ¶
type ClientAuthorizationDeleteRequest struct {
Subject string `json:"subject,omitempty"`
}
type ClientExtension ¶
type ClientExtension struct {
RequestableScopesEnabled bool `json:"requestableScopesEnabled,omitempty"`
RequestableScopes []string `json:"requestableScopes,omitempty"`
AccessTokenDuration uint64 `json:"accessTokenDuration,omitempty"`
RefreshTokenDuration uint64 `json:"refreshTokenDuration,omitempty"`
}
type ClientListResponse ¶
type ClientRegistrationAction ¶
type ClientRegistrationAction string
type ClientRegistrationResponse ¶
type ClientRegistrationResponse struct {
ApiResponse
//
Action ClientRegistrationAction `json:"action,omitempty"`
//
ResponseContent string `json:"responseContent,omitempty"`
//
Client Client `json:"client,omitempty"`
}
type ClientSecretUpdateRequest ¶
type ClientSecretUpdateRequest struct {
ClientSecret string `json:"clientSecret,omitempty"`
}
type DeviceAuthorizationAction ¶
type DeviceAuthorizationAction string
type DeviceAuthorizationRequest ¶
type DeviceAuthorizationRequest struct {
//
Parameters string `json:"parameters"` // omitempty is not added intentionally.
//
ClientId string `json:"clientId,omitempty"`
//
ClientSecret string `json:"clientSecret,omitempty"`
//
ClientCertificate string `json:"clientCertificate,omitempty"`
//
ClientCertificatePath []string `json:"clientCertificatePath,omitempty"`
}
type DeviceAuthorizationResponse ¶
type DeviceAuthorizationResponse struct {
ApiResponse
//
Action DeviceAuthorizationAction `json:"action,omitempty"`
//
ResponseContent string `json:"responseContent,omitempty"`
//
ClientId uint64 `json:"clientId,omitempty"`
//
ClientIdAlias string `json:"clientIdAlias,omitempty"`
//
ClientIdAliasUsed bool `json:"clientIdAliasUsed,omitempty"`
//
ClientName string `json:"clientName,omitempty"`
//
ClientAuthMethod types.ClientAuthMethod `json:"clientAuthMethod,omitempty"`
//
Scopes []Scope `json:"scopes,omitempty"`
//
DynamicScopes []DynamicScope `json:"dynamicScopes,omitempty"`
//
ClaimNames []string `json:"claimNames,omitempty"`
//
Acrs []string `json:"acrs,omitempty"`
//
DeviceCode string `json:"deviceCode,omitempty"`
//
UserCode string `json:"userCode,omitempty"`
//
VerificationUri string `json:"verificationUri,omitempty"`
//
VerificationUriComplete string `json:"verificationUriComplete,omitempty"`
//
ExpiresIn uint32 `json:"expiresIn,omitempty"`
//
Interval uint32 `json:"interval,omitempty"`
//
Resources []string `json:"resources,omitempty"`
//
ServiceAttributes []Pair `json:"serviceAttributes,omitempty"`
//
ClientAttributes []Pair `json:"clientAttributes,omitempty"`
//
Warnings []string `json:"warnings,omitempty"`
}
type DeviceCompleteAction ¶
type DeviceCompleteAction string
type DeviceCompleteRequest ¶
type DeviceCompleteRequest struct {
//
UserCode string `json:"userCode,omitempty"`
//
Result DeviceCompleteResult `json:"result,omitempty"`
//
Sujbect string `json:"subject,omitempty"`
//
Sub string `json:"sub,omitempty"`
//
AuthTime uint64 `json:"authTime,omitempty"`
//
Acr string `json:"acr,omitempty"`
//
Claims string `json:"claims,omitempty"`
//
Properties []Property `json:"properties,omitempty"`
//
Scopes []string `json:"scopes,omitempty"`
//
IdtHeaderParams string `json:"idtHeaderParams,omitempty"`
// Claims that the user has consented for the client application to know.
//
// Since v1.1.5.
ConsentedClaims []string `json:"consentedClaims,omitempty"`
// Additional claims that are added to the payload part of the JWT
// access token.
//
// Since v1.1.5.
JwtAtClaims string `json:"jwtAtClaims,omitempty"`
//
ErrorDescription string `json:"errorDescription,omitempty"`
//
ErrorUri string `json:"errorUri,omitempty"`
}
type DeviceCompleteResponse ¶
type DeviceCompleteResponse struct {
ApiResponse
//
Action DeviceCompleteAction `json:"action,omitempty"`
}
type DeviceCompleteResult ¶
type DeviceCompleteResult string
type DeviceVerificationAction ¶
type DeviceVerificationAction string
type DeviceVerificationRequest ¶
type DeviceVerificationRequest struct {
UserCode string `json:"userCode,omitempty"`
}
type DeviceVerificationResponse ¶
type DeviceVerificationResponse struct {
ApiResponse
//
Action DeviceVerificationAction `json:"action,omitempty"`
//
ClientId uint64 `json:"clientId,omitempty"`
//
ClientIdAlias string `json:"clientIdAlias,omitempty"`
//
ClientIdAliasUsed bool `json:"clientIdAliasUsed,omitempty"`
//
ClientName string `json:"clientName,omitempty"`
//
Scopes []Scope `json:"scopes,omitempty"`
//
DynamicScopes []DynamicScope `json:"dynamicScopes,omitempty"`
//
ClaimNames []string `json:"claimNames,omitempty"`
//
Acrs []string `json:"acrs,omitempty"`
//
ExpiresAt uint64 `json:"expiresAt,omitempty"`
//
Resources []string `json:"resources,omitempty"`
//
ServiceAttributes []Pair `json:"serviceAttributes,omitempty"`
//
ClientAttributes []Pair `json:"clientAttributes,omitempty"`
}
type DynamicScope ¶ added in v1.1.3
type GrantedScopesGetResponse ¶
type GrantedScopesGetResponse struct {
ApiResponse
//
ServiceApiKey uint64 `json:"serviceApiKey,omitempty"`
//
ClientId uint64 `json:"clientId,omitempty"`
//
Subject string `json:"subject,omitempty"`
//
LatestGrantedScopes []string `json:"latestGrantedScopes,omitempty"`
//
MergedGrantedScopes []string `json:"mergedGrantedScopes,omitempty"`
//
ModifiedAt uint64 `json:"modifiedAt,omitempty"`
}
type Hsk ¶ added in v1.1.3
type Hsk struct {
//
Kty string `json:"kty,omitempty"`
//
Use string `json:"use,omitempty"`
//
Alg string `json:"alg,omitempty"`
//
Kid string `json:"kid,omitempty"`
//
HsmName string `json:"hsmName,omitempty"`
//
Handle string `json:"handle,omitempty"`
//
PublicKey string `json:"publicKey,omitempty"`
}
type HskCreateRequest ¶ added in v1.1.3
type HskListAction ¶ added in v1.1.3
type HskListAction string
type HskListResponse ¶ added in v1.1.3
type HskListResponse struct {
ApiResponse
//
Action HskListAction `json:"action,omitempty"`
//
Hsks []Hsk `json:"hsks,omitempty"`
}
type HskResponse ¶ added in v1.1.3
type HskResponse struct {
ApiResponse
//
Action HskAction `json:"action,omitempty"`
//
Hsk Hsk `json:"hsk,omitempty"`
}
type IntrospectionAction ¶
type IntrospectionAction string
type IntrospectionRequest ¶
type IntrospectionRequest struct {
Token string `json:"token,omitempty"`
Scopes []string `json:"scopes,omitempty"`
Subject string `json:"subject,omitempty"`
ClientCertificate string `json:"clientCertificate,omitempty"`
Dpop string `json:"dpop,omitempty"`
Htm string `json:"htm,omitempty"`
Htu string `json:"htu,omitempty"`
}
type IntrospectionResponse ¶
type IntrospectionResponse struct {
ApiResponse
//
Action IntrospectionAction `json:"action,omitempty"`
//
ClientId uint64 `json:"clientId,omitempty"`
//
Subject string `json:"subject,omitempty"`
//
Scopes []string `json:"scopes,omitempty"`
//
Existent bool `json:"existent,omitempty"`
//
Usable bool `json:"usable,omitempty"`
//
Sufficient bool `json:"sufficient,omitempty"`
//
Refreshable bool `json:"refreshable,omitempty"`
//
ResponseContent string `json:"responseContent,omitempty"`
//
ExpiresAt uint64 `json:"expiresAt,omitempty"`
//
Properties []Property `json:"properties,omitempty"`
//
ClientIdAlias string `json:"clientIdAlias,omitempty"`
//
ClientIdAliasUsed bool `json:"clientIdAliasUsed,omitempty"`
//
CertificateThumbprint string `json:"certificateThumbprint,omitempty"`
//
Resources []string `json:"resources,omitempty"`
//
AccessTokenResources []string `json:"accessTokenResources,omitempty"`
//
ServiceAttributes []Pair `json:"serviceAttributes,omitempty"`
//
ClientAttributes []Pair `json:"clientAttributes,omitempty"`
}
type JoseVerifyRequest ¶
type JoseVerifyRequest struct {
//
Jose string `json:"jose,omitempty"`
//
MandatoryClaims []string `json:"mandatoryClaims,omitempty"`
//
ClockSkew uint32 `json:"clockSkew,omitempty"`
//
ClientIdentifier string `json:"clientIdentifier,omitempty"`
//
SignedByClient bool `json:"signedByClient,omitempty"`
}
type JoseVerifyResponse ¶
type JoseVerifyResponse struct {
ApiResponse
//
Valid bool `json:"valid,omitempty"`
//
SignatureValid bool `json:"signatureValid,omitempty"`
//
MissingClaims []string `json:"missingClaims,omitempty"`
//
InvalidClaims []string `json:"invalidClaims,omitempty"`
//
ErrorDescriptions []string `json:"errorDescriptions,omitempty"`
}
type PushedAuthReqAction ¶ added in v1.1.0
type PushedAuthReqAction string
type PushedAuthReqRequest ¶ added in v1.1.0
type PushedAuthReqRequest struct {
//
Parameters string `json:"parameters"` // omitempty is not added intentionally.
//
ClientId string `json:"clientId,omitempty"`
//
ClientSecret string `json:"clientSecret,omitempty"`
//
ClientCertificate string `json:"clientCertificate,omitempty"`
//
ClientCertificatePath []string `json:"clientCertificatePath,omitempty"`
}
type PushedAuthReqResponse ¶ added in v1.1.0
type PushedAuthReqResponse struct {
ApiResponse
//
Action PushedAuthReqAction `json:"action,omitempty"`
//
ResponseContent string `json:"responseContent,omitempty"`
//
ClientAuthMethod types.ClientAuthMethod `json:"clientAuthMethod,omitempty"`
//
RequestUri string `json:"requestUri,omitempty"`
}
type RevocationAction ¶
type RevocationAction string
type RevocationRequest ¶
type RevocationRequest struct {
//
Parameters string `json:"parameters"` // omitempty is not added intentionally.
//
ClientId string `json:"clientId,omitempty"`
//
ClientSecret string `json:"clientSecret,omitempty"`
//
ClientCertificate string `json:"clientCertificate,omitempty"`
//
ClientCertificatePath []string `json:"clientCertificatePath,omitempty"`
}
type RevocationResponse ¶
type RevocationResponse struct {
ApiResponse
//
Action RevocationAction `json:"action,omitempty"`
//
ResponseContent string `json:"responseContent,omitempty"`
}
type Scope ¶
type Scope struct {
Name string `json:"name,omitempty"`
DefaultEntry bool `json:"defaultEntry,omitempty"`
Description string `json:"description,omitempty"`
Descriptions []TaggedValue `json:"descriptions,omitempty"`
Attributes []Pair `json:"attributes,omitempty"`
}
type Service ¶
type Service struct {
// The name of the service.
ServiceName string `json:"serviceName,omitempty"`
// The API key of the service.
ApiKey uint64 `json:"apiKey,omitempty"`
// The API secret of the service.
ApiSecret string `json:"apiSecret,omitempty"`
// The issuer identifier.
Issuer string `json:"issuer,omitempty"`
// The URL of the authorization endpoint.
AuthorizationEndpoint string `json:"authorizationEndpoint,omitempty"`
// The URL of the token endpoint.
TokenEndpoint string `json:"tokenEndpoint,omitempty"`
// The URL of the revocation endpoint.
RevocationEndpoint string `json:"revocationEndpoint,omitempty"`
// Client authentication methods supported at the revocation endpoint.
SupportedRevocationAuthMethods []types.ClientAuthMethod `json:"supportedRevocationAuthMethods,omitempty"`
// The URL of the userinfo endpoint.
UserInfoEndpoint string `json:"userInfoEndpoint,omitempty"`
// The URI of the JWK Set document.
JwksUri string `json:"jwksUri,omitempty"`
// The content of the JWK Set document.
Jwks string `json:"jwks,omitempty"`
// The URL of the registration endpoint.
RegistrationEndpoint string `json:"registrationEndpoint,omitempty"`
// The URL of the registration management endpoint.
RegistrationManagementEndpoint string `json:"registrationManagementEndpoint,omitempty"`
// Supported scopes.
SupportedScopes []Scope `json:"supportedScopes,omitempty"`
// Supported response types.
SupportedResponseTypes []types.ResponseType `json:"supportedResponseTypes,omitempty"`
// Supported grant types.
SupportedGrantTypes []types.GrantType `json:"supportedGrantTypes,omitempty"`
// String supported ACRs.
SupportedAcrs []string `json:"supportedAcrs,omitempty"`
// Client authentication methods supported at the token endpoint.
SupportedTokenAuthMethods []types.ClientAuthMethod `json:"supportedTokenAuthMethods,omitempty"`
// Supported displays.
SupportedDisplays []types.Display `json:"supportedDisplays,omitempty"`
// Supported claim types.
SupportedClaimTypes []types.ClaimType `json:"supportedClaimTypes,omitempty"`
// Supported claims.
SupportedClaims []string `json:"supportedClaims,omitempty"`
// The URL of the service documentation.
ServiceDocumentation string `json:"serviceDocumentation,omitempty"`
// Supported claim locales.
SupportedClaimLocales []string `json:"supportedClaimLocales,omitempty"`
// Supported UI locales.
SupportedUiLocales []string `json:"supportedUiLocales,omitempty"`
// The URL of the policy document.
PolicyUri string `json:"policyUri,omitempty"`
// The URL of the terms of service.
TosUri string `json:"tosUri,omitempty"`
// The URL of the authentication callback endpoint.
AuthenticationCallbackEndpoint string `json:"authenticationCallbackEndpoint,omitempty"`
// The API key to access the authentication callback endpoint.
AuthenticationCallbackApiKey string `json:"authenticationCallbackApiKey,omitempty"`
// The API secret to access the authentication callback endpoint.
AuthenticationCallbackApiSecret string `json:"authenticationCallbackApiSecret,omitempty"`
// Supported SNSes.
SupportedSnses []types.Sns `json:"supportedSnses,omitempty"`
// Credentials of supported SNSes.
SnsCredentials []SnsCredentials `json:"snsCredentials,omitempty"`
// The URL of the developer authentication callback endpoint.
DeveloperAuthenticationCallbackEndpoint string `json:"developerAuthenticationCallbackEndpoint,omitempty"`
// The API key to access the developer authentication callback endpoint.
DeveloperAuthenticationCallbackApiKey string `json:"developerAuthenticationCallbackApiKey,omitempty"`
// The API secret to access the developer authentication callback endpoint.
DeveloperAuthenticationCallbackApiSecret string `json:"developerAuthenticationCallbackApiSecret,omitempty"`
// The upper limit of the number of client applications per developer.
ClientsPerDeveloper uint16 `json:"clientsPerDeveloper,omitempty"`
// The flag which indicates whether the direct authorization endpoint is enabled.
DirectAuthorizationEndpointEnabled bool `json:"directAuthorizationEndpointEnabled,omitempty"`
// The flag which indicates whether the direct token endpoint is enabled.
DirectTokenEndpointEnabled bool `json:"directTokenEndpointEnabled,omitempty"`
// The flag which indicates whether the direct revocation endpoint is enabled.
DirectRevocationEndpointEnabled bool `json:"directRevocationEndpointEnabled,omitempty"`
// The flag which indicates whether the direct userinfo endpoint is enabled.
DirectUserInfoEndpointEnabled bool `json:"directUserInfoEndpointEnabled,omitempty"`
// The flag which indicates whether the direct jwks endpoint is enabled.
DirectJwksEndpointEnabled bool `json:"directJwksEndpointEnabled,omitempty"`
// The flag which indicates whether the direct introspection endpoint is enabled.
DirectIntrospectionEndpointEnabled bool `json:"directIntrospectionEndpointEnabled,omitempty"`
// The flag which indicates whether the number of access tokens per subject is limited to at most 1.
SingleAccessTokenPerSubject bool `json:"singleAccessTokenPerSubject,omitempty"`
// The flag which indicates whether PKCE is always required.
PkceRequired bool `json:"pkceRequired,omitempty"`
// The flag which indicates whether S256 is always required for code_challenge_method.
PkceS256Required bool `json:"pkceS256Required,omitempty"`
// The flag which indicates whether refresh tokens remain valid after use.
RefreshTokenKept bool `json:"refreshTokenKept,omitempty"`
// The flag which indicates whether the remaining duration of the used
// refresh token is taken over to the newly issued refresh token.
RefreshTokenDurationKept bool `json:"refreshTokenDurationKept,omitempty"`
// The flag which indicates whether duration of refresh tokens are
// reset when they are used even if the refreshTokenKept property
RefreshTokenDurationReset bool `json:"refreshTokenDurationReset,omitempty"`
// The flag which indicates whether `error_description` is omitted.
ErrorDescriptionOmitted bool `json:"errorDescriptionOmitted,omitempty"`
// The flag which indicates whether `error_uri` is omitted.
ErrorUriOmitted bool `json:"errorUriOmitted,omitempty"`
// The flag which indicates whether the feature of Client ID Alias is enabled.
ClientIdAliaseEnabled bool `json:"clientIdAliasEnabled,omitempty"`
// Supported service profiles.
SupportedServiceProfiles []types.ServiceProfile `json:"supportedServiceProfiles,omitempty"`
// The flag which indicates whether certificate binding is supported.
TlsClientCertificateBoundAccessTokens bool `json:"tlsClientCertificateBoundAccessTokens,omitempty"`
// The URL of the introspection endpoint.
IntrospectionEndpoint string `json:"introspectionEndpoint,omitempty"`
// Client authentication methods supports at the introspection endpoint.
SupportedIntrospectionAuthMethods []types.ClientAuthMethod `json:"supportedIntrospectionAuthMethods,omitempty"`
// The flag which indicates whether certification chain is validated for MTLS.
MutualTlsValidatePkiCertChain bool `json:"mutualTlsValidatePkiCertChain,omitempty"`
// The list of trusted root certificates for MTLS.
TrustedRootCertificates []string `json:"trustedRootCertificates,omitempty"`
// The flag which indicates whether Dynamic Client Registration is supported.
DynamicRegistrationSupported bool `json:"dynamicRegistrationSupported,omitempty"`
// The URL of the end session endpoint.
EndSessionEndpoint string `json:"endSessionEndpoint,omitempty"`
// The description of this service.
Description string `json:"description,omitempty"`
// The type of access token.
AccessTokenType string `json:"accessTokenType,omitempty"`
// Signature algorithm of JWT-based access tokens.
//
// When this property is not nil, access tokens issued by this service are
// JWS. Otherwise, access tokens are random strings as before.
AccessTokenSignAlg types.JWSAlg `json:"accessTokenSignAlg,omitempty"`
// The duration of access tokens.
AccessTokenDuration uint64 `json:"accessTokenDuration,omitempty"`
// The duration of refresh tokens.
RefreshTokenDuration uint64 `json:"refreshTokenDuration,omitempty"`
// The duration of ID tokens.
IdTokenDuration uint64 `json:"idTokenDuration,omitempty"`
// The duration of authorization response JWTs.
AuthorizationResponseDuration uint64 `json:"authorizationResponseDuration,omitempty"`
// The duration of pushed authorization requests.
PushedAuthReqDuration uint64 `json:"pushedAuthReqDuration,omitempty"`
// The key ID to identify a JWK used for signing JWT-based access tokens.
AccessTokenSignatureKeyId string `json:"accessTokenSignatureKeyId,omitempty"`
// The key ID to identify a JWK used for signing authorization responses.
AuthorizationSignatureKeyId string `json:"authorizationSignatureKeyId,omitempty"`
// The key ID to identify a JWK used for signing ID tokens.
IdTokenSignatureKeyId string `json:"idTokenSignatureKeyId,omitempty"`
// The key ID to identify a JWK used for signing userinfo responses.
UserInfoSignatureKeyId string `json:"userInfoSignatureKeyId,omitempty"`
// Supported backchannel token delivery modes.
SupportedBackchannelTokenDeliveryModes []types.DeliveryMode `json:"supportedBackchannelTokenDeliveryModes,omitempty"`
// The URL of the backchannel authentication endpoint.
BackchannelAuthenticationEndpoint string `json:"backchannelAuthenticationEndpoint,omitempty"`
// The flag which indicates whether `user_code` is supported at the backchannel authentication endpoint.
BackchannelUserCodeParameterSupported bool `json:"backchannelUserCodeParameterSupported,omitempty"`
// The duration of backchannel authentication request IDs.
BackchannelAuthReqIdDuration uint64 `json:"backchannelAuthReqIdDuration,omitempty"`
// The minimum interval in seconds between polling requests to the token endpoint in CIBA flows.
BachcannelPollingInterval uint16 `json:"backchannelPollingInterval,omitempty"`
// The flag which indicates whether `binding_message` is always required for FAPI.
BackchannelBindingMessageRequiredInFapi bool `json:"backchannelBindingMessageRequiredInFapi,omitempty"`
// The allowable clock skew in seconds between the server and clients.
AllowableClockSkew uint16 `json:"allowableClockSkew,omitempty"`
// The URL of the device authorization endpoint.
DeviceAuthorizationEndpoint string `json:"deviceAuthorizationEndpoint,omitempty"`
// The verification URI for the device flow.
DeviceVerificationUri string `json:"deviceVerificationUri,omitempty"`
// The verification URI for the device flow with a placeholder for a user code.
DeviceVerificationUriComplete string `json:"deviceVerificationUriComplete,omitempty"`
// The duration of device verification codes and end-user verification codes.
DeviceFlowCodeDuration uint64 `json:"deviceFlowCodeDuration,omitempty"`
// The minimum interval in seconds between polling requests to the token endpoint in Device Flow.
DeviceFlowPollingInterval uint16 `json:"deviceFlowPollingInterval,omitempty"`
// The character set for end-user verification codes for Device Flow.
UserCodeCharset types.UserCodeCharset `json:"userCodeCharset,omitempty"`
// The length of end-user verification codes for Device Flow.
UserCodeLength uint8 `json:"userCodeLength,omitempty"`
// The URL of the pushed authorization request endpoint.
PushedAuthReqEndpoint string `json:"pushedAuthReqEndpoint,omitempty"`
// MTLS endpoint aliases.
MtlsEndpointAliases []NamedUri `json:"mtlsEndpointAliases,omitempty"`
// Supported data types for authorization_details.
SupportedAuthorizationDetailsTypes []string `json:"supportedAuthorizationDetailsTypes,omitempty"`
// Supported trust frameworks. This corresponds to "trust_frameworks_supported".
SupportedTrustFrameworks []string `json:"supportedTrustFrameworks,omitempty"`
// Supported evidence. This corresponds to "evidence_supported".
SupportedEvidence []string `json:"supportedEvidence,omitempty"`
// Supported ID documents. This corresponds to "id_documents_supported".
SupportedIdentityDocuments []string `json:"supportedIdentityDocuments,omitempty"`
// Supported documents. This corresponds to "documents_supported".
SupportedDocuments []string `json:"supportedDocuments,omitempty"`
// Supported verification methods. This corresponds to "id_documents_verification_methods_supported".
SupportedVerificationMethods []string `json:"supportedVerificationMethods,omitempty"`
// Supported verified claims. This corresponds to "claims_in_verified_claims_supported".
SupportedVerifiedClaims []string `json:"supportedVerifiedClaims,omitempty"`
// The flag which indicates whether token requests from public client without
// the `client_id` request parameter are allowed when the client can be guessed
// from `authorization_code` or `refresh_token`.
MissingClientIdAllowed bool `json:"missingClientIdAllowed,omitempty"`
// The flag which indicates whether this service requires that clients use
// PAR (OAuth 2.0 Pushed Authorization Requests).
ParRequired bool `json:"parRequired,omitempty"`
// The flag which indicates whether authorization requests must utilize a request object.
RequestObjectRequired bool `json:"requestObjectRequired,omitempty"`
// The flag which indicates traditional request object processing
// (rules defined in OIDC Core 1.0) is applied.
TraditionalRequestObjectProcessingApplied bool `json:"traditionalRequestObjectProcessingApplied,omitempty"`
// The flag which indicates whether claims specified by shortcut scopes
// (e.g. profile) are included in the issued ID token only when no access
// token is issued.
ClaimShortcutRestrictive bool `json:"claimShortcutRestrictive,omitempty"`
// The flag which indicates whether requests that request no scope are
// rejected or not.
ScopeRequired bool `json:"scopeRequired,omitempty"`
// The flag which indicates whether the nbf claim in the request
// object is optional even when the authorization request is regarded
// as a FAPI-Part2 request.
NbfOptional bool `json:"nbfOptional,omitempty"`
// The flag which indicates whether generation of the iss response
// parameter is suppressed.
IssSuppressed bool `json:"issSuppressed,omitempty"`
// Arbitrary attributes associated with this service.
Attributes []Pair `json:"attributes,omitempty"`
// Custom client metadata supported by this service.
SupportedCustomClientMetadata []string `json:"supportedCustomClientMetadata,omitempty"`
// The flag which indicates whether the expiration date of an access token
// never exceeds that of the corresponding refresh token.
TokenExpirationLinked bool `json:"tokenExpirationLinked,omitempty"`
// The flag which indicates whether encryption of request object is required
// when the request object is passed through the front channel.
FrontChannelRequestObjectEncryptionRequired bool `json:"frontChannelRequestObjectEncryptionRequired,omitempty"`
// The flag which indicates whether the JWE alg of encrypted request
// object must match the value of the request_object_encryption_alg client metadata.
RequestObjectEncryptionAlgMatchRequired bool `json:"requestObjectEncryptionAlgMatchRequired,omitempty"`
// The flag which indicates whether the JWE enc of encrypted request
// object must match the value of the request_object_encryption_enc client metadata.
RequestObjectEncryptionEncMatchRequired bool `json:"requestObjectEncryptionEncMatchRequired,omitempty"`
// The flag which indicates whether HSM (Hardware Security Module) support is
// enabled for this service.
HsmEnabled bool `json:"hsmEnabled,omitempty"`
// Hardware-secured keys. Output only.
Hsks []Hsk `json:"hsks,omitempty"`
// if the scope provided by developer on DCR/management can be requestable
DcrScopeUsedAsRequestable bool `json:"dcrScopeUsedAsRequestable,omitempty"`
// the flag for marking if redirect uris to localhost should be stricted compared or not.
LoopbackRedirectionUriVariable bool `json:"loopbackRedirectionUriVariable,omitempty"`
}
type ServiceListResponse ¶
type SnsCredentials ¶
type StandardIntrospectionAction ¶
type StandardIntrospectionAction string
type StandardIntrospectionResponse ¶
type StandardIntrospectionResponse struct {
ApiResponse
//
Action StandardIntrospectionAction `json:"action,omitempty"`
//
ResponseContent string `json:"responseContent,omitempty"`
}
type TaggedValue ¶
type TokenAction ¶
type TokenAction string
type TokenCreateAction ¶
type TokenCreateAction string
type TokenCreateRequest ¶
type TokenCreateRequest struct {
//
GrantType types.GrantType `json:"grantType,omitempty"`
//
ClientId uint64 `json:"clientId,omitempty"`
//
Subject string `json:"subject,omitempty"`
//
Scopes []string `json:"scopes,omitempty"`
//
AccessTokenDuration uint64 `json:"accessTokenDuration,omitempty"`
//
RefreshTokenDuration uint64 `json:"refreshTokenDuration,omitempty"`
//
Properties []Property `json:"properties,omitempty"`
//
ClientIdAliasUsed bool `json:"clientIdAliasUsed,omitempty"`
//
AccessToken string `json:"accessToken,omitempty"`
//
RefreshToken string `json:"refreshToken,omitempty"`
//
AccessTokenPersistent bool `json:"accessTokenPersistent,omitempty"`
//
CertificateThumbprint string `json:"certificateThumbprint,omitempty"`
//
DpopKeyThumbprint string `json:"dpopKeyThumbprint,omitempty"`
// Resources associated with the newly issued access token.
//
// Since v1.1.5.
Resources []string `json:"resources,omitempty"`
// Flag indicating whether the newly issued access token is for an
// external attachment. See OpenID Connect for Identity Assurance
// for details.
//
// Since v1.1.5.
ForExternalAttachment bool `json:"forExternalAttachment,omitempty"`
// Additional claims that are added to the payload part of the JWT
// access token.
//
// Since v1.1.5.
JwtAtClaims string `json:"jwtAtClaims,omitempty"`
}
type TokenCreateResponse ¶
type TokenCreateResponse struct {
ApiResponse
//
Action TokenCreateAction `json:"action,omitempty"`
//
GrantType types.GrantType `json:"grantType,omitempty"`
//
ClientId uint64 `json:"clientId,omitempty"`
//
Subject string `json:"subject,omitempty"`
//
Scopes []string `json:"scopes,omitempty"`
//
AccessToken string `json:"accessToken,omitempty"`
//
TokenType string `json:"tokenType,omitempty"`
//
ExpiresIn uint64 `json:"expiresIn,omitempty"`
//
ExpiresAt uint64 `json:"expiresAt,omitempty"`
//
RefreshToken string `json:"refreshToken,omitempty"`
//
Properties []Property `json:"properties,omitempty"`
// Access token in the JWT format.
//
// Since v1.1.5.
JwtAccessToken string `json:"jwtAccessToken,omitempty"`
// Flag indicating whether the access token is for an external attachment.
// See OpenID Connect for Identity Assurance for details.
//
// Since v1.1.5.
ForExternalAttachment bool `json:"forExternalAttachment,omitempty"`
// Token ID.
//
// Since v1.1.5.
TokenId string `json:"tokenId,omitempty"`
}
type TokenFailAction ¶
type TokenFailAction string
type TokenFailReason ¶
type TokenFailReason string
type TokenFailRequest ¶
type TokenFailRequest struct {
//
Ticket string `json:"ticket,omitempty"`
//
Reason TokenFailReason `json:"reason,omitempty"`
}
type TokenFailResponse ¶
type TokenFailResponse struct {
ApiResponse
//
Action TokenFailAction `json:"action,omitempty"`
//
ResponseContent string `json:"responseContent,omitempty"`
}
type TokenInfo ¶ added in v1.1.5
type TokenInfo struct {
//
ClientId uint64 `json:"clientId,omitempty"`
//
Subject string `json:"subject,omitempty"`
//
Scopes []string `json:"scopes,omitempty"`
//
ExpiresAt uint64 `json:"expiresAt,omitempty"`
//
Properties []Property `json:"properties,omitempty"`
//
ClientIdAlias string `json:"clientIdAlias,omitempty"`
//
ClientIdAliasUsed bool `json:"clientIdAliasUsed,omitempty"`
//
Resources []string `json:"resources,omitempty"`
}
type TokenIssueAction ¶
type TokenIssueAction string
type TokenIssueRequest ¶
type TokenIssueRequest struct {
//
Ticket string `json:"ticket,omitempty"`
//
Subject string `json:"subject,omitempty"`
//
Properties []Property `json:"properties,omitempty"`
// Additional claims that are added to the payload part of the JWT
// access token.
//
// Since v1.1.5.
JwtAtClaims string `json:"jwtAtClaims,omitempty"`
// The representation of an access token that may be issued as a result
// of the Authlete API call.
//
// Since v1.1.5.
AccessToken string `json:"accessToken,omitempty"`
}
type TokenIssueResponse ¶
type TokenIssueResponse struct {
ApiResponse
//
Action TokenIssueAction `json:"action,omitempty"`
//
ResponseContent string `json:"responseContent,omitempty"`
//
AccessToken string `json:"accessToken,omitempty"`
//
AccessTokenExpiresAt uint64 `json:"accessTokenExpiresAt,omitempty"`
//
AccessTokenDuration uint64 `json:"accessTokenDuration,omitempty"`
//
RefreshToken string `json:"refreshToken,omitempty"`
//
RefreshTokenExpiresAt uint64 `json:"refreshTokenExpiresAt,omitempty"`
//
RefreshTokenDuration uint64 `json:"refreshTokenDuration,omitempty"`
//
ClientId uint64 `json:"clientId,omitempty"`
//
ClientIdAlias string `json:"clientIdAlias,omitempty"`
//
Subject string `json:"subject,omitempty"`
//
Scopes []string `json:"scopes,omitempty"`
//
Properties []Property `json:"properties,omitempty"`
//
JwtAccessToken string `json:"jwtAccessToken,omitempty"`
//
AccessTokenResources []string `json:"accessTokenResources,omitempty"`
//
ServiceAttributes []Pair `json:"serviceAttributes,omitempty"`
//
ClientAttributes []Pair `json:"clientAttributes,omitempty"`
}
type TokenListResponse ¶
type TokenListResponse struct {
//
Start uint32 `json:"start,omitempty"`
//
End uint32 `json:"end,omitempty"`
//
Client Client `json:"client,omitempty"`
//
Subject string `json:"subject,omitempty"`
//
TotalCount uint32 `json:"totalCount,omitempty"`
//
AccessTokens []AccessToken `json:"accessTokens,omitempty"`
}
type TokenRequest ¶
type TokenRequest struct {
//
Parameters string `json:"parameters"` // omitempty is not added intentionally.
//
ClientId string `json:"clientId,omitempty"`
//
ClientSecret string `json:"clientSecret,omitempty"`
//
ClientCertificate string `json:"clientCertificate,omitempty"`
//
ClientCertificatePath []string `json:"clientCertificatePath,omitempty"`
//
Properties []Property `json:"properties,omitempty"`
//
Dpop string `json:"dpop,omitempty"`
//
Htm string `json:"htm,omitempty"`
//
Htu string `json:"htu,omitempty"`
// Additional claims that are added to the payload part of the JWT
// access token.
//
// Since v1.1.8.
JwtAtClaims string `json:"jwtAtClaims,omitempty"`
// The representation of an access token that may be issued as a result
// of the Authlete API call.
//
// Since v1.1.5.
AccessToken string `json:"accessToken,omitempty"`
}
type TokenResponse ¶
type TokenResponse struct {
ApiResponse
//
Action TokenAction `json:"action,omitempty"`
//
ResponseContent string `json:"responseContent,omitempty"`
//
Username string `json:"username,omitempty"`
//
Password string `json:"password,omitempty"`
//
Ticket string `json:"ticket,omitempty"`
//
AccessToken string `json:"accessToken,omitempty"`
//
AccessTokenExpiresAt uint64 `json:"accessTokenExpiresAt,omitempty"`
//
AccessTokenDuration uint64 `json:"accessTokenDuration,omitempty"`
//
RefreshToken string `json:"refreshToken,omitempty"`
//
RefresthTokenExpiresAt uint64 `json:"refreshTokenExpiresAt,omitempty"`
//
RefreshTokenDuration uint64 `json:"refreshTokenDuration,omitempty"`
//
IdToken string `json:"idToken,omitempty"`
//
GrantType types.GrantType `json:"grantType,omitempty"`
//
ClientId uint64 `json:"clientId,omitempty"`
//
ClientIdAlias string `json:"clientIdAlias,omitempty"`
//
ClientIdAliasUsed bool `json:"clientIdAliasUsed,omitempty"`
//
Subject string `json:"subject,omitempty"`
//
Scopes []string `json:"scopes,omitempty"`
//
Properties []Property `json:"properties,omitempty"`
//
JwtAccessToken string `json:"jwtAccessToken,omitempty"`
//
ClientAuthMethod types.ClientAuthMethod `json:"clientAuthMethod,omitempty"`
//
Resources []string `json:"resources,omitempty"`
//
AccessTokenResources []string `json:"accessTokenResources,omitempty"`
// Grant ID. See Grant Management for OAuth 2.0 for details.
//
// Since v1.1.5.
GrantId string `json:"grantId,omitempty"`
//
ServiceAttributes []Pair `json:"serviceAttributes,omitempty"`
//
ClientAttributes []Pair `json:"clientAttributes,omitempty"`
// The values of the "audience" request parameters that are contained in
// the token exchange request (RFC 8693).
//
// Since v1.1.5.
Audiences []string `json:"audiences,omitempty"`
// The value of the "requested_token_type" request parameter of the token
// exchange request (RFC 8693).
//
// Since v1.1.5.
RequestedTokenType types.TokenType `json:"requestedTokenType,omitempty"`
// The value of the "subject_token" request parameter of the token exchange
// request (RFC 8693).
//
// Since v1.1.5.
SubjectToken string `json:"subjectToken,omitempty"`
// The value of the "subject_token_type" request parameter of the token
// exchange request (RFC 8693).
//
// Since v1.1.5.
SubjectTokenType types.TokenType `json:"subjectTokenType,omitempty"`
// The information about the token specified by the "subject_token" request
// parameter. The information is available only when the token type is
// either "urn:ietf:params:oauth:token-type:access_token" or
// "urn:ietf:params:oauth:token-type:refresh_token".
//
// Since v1.1.5.
SubjectTokenInfo TokenInfo `json:"subjectTokenInfo,omitempty"`
// The value of the "actor_token" request parameter of the token exchange
// request (RFC 8693).
//
// Since v1.1.5.
ActorToken string `json:"actorToken,omitempty"`
// The value of the "actor_token_type" request parameter of the token
// exchange request (RFC 8693).
//
// Since v1.1.5.
ActorTokenType types.TokenType `json:"actorTokenType,omitempty"`
// The information about the token specified by the "actor_token" request
// parameter. The information is available only when the token type is
// either "urn:ietf:params:oauth:token-type:access_token" or
// "urn:ietf:params:oauth:token-type:refresh_token".
//
// Since v1.1.5.
ActorTokenInfo TokenInfo `json:"actorTokenInfo,omitempty"`
// The value of the "assertion" request parameter of the token request.
// The request parameter is defined in RFC 7521 and RFC 7523. The value
// is available only when the grant type of the token request is
// "urn:ietf:params:oauth:grant-type:jwt-bearer".
//
// Since v1.1.7.
Assertion string `json:"assertion,omitempty"`
}
type TokenUpdateAction ¶
type TokenUpdateAction string
type TokenUpdateRequest ¶
type TokenUpdateRequest struct {
//
AccessToken string `json:"accessToken,omitempty"`
//
AccessTokenExpiresAt uint64 `json:"accessTokenExpiresAt,omitempty"`
//
Scopes []string `json:"scopes,omitempty"`
//
Properties []Property `json:"properties,omitempty"`
//
AccessTokenExpiresAtUpdatedOnScopeUpdate bool `json:"accessTokenExpiresAtUpdatedOnScopeUpdate,omitempty"`
//
AccessTokenPersistent bool `json:"accessTokenPersistent,omitempty"`
//
AccessTokenHash string `json:"accessTokenHash,omitempty"`
//
AccessTokenValueUpdated bool `json:"accessTokenValueUpdated,omitempty"`
//
CertificateThumbprint string `json:"certificateThumbprint,omitempty"`
//
DpopKeyThumbprint string `json:"dpopKeyThumbprint,omitempty"`
// Flag indicating whether the access token is for an external attachment.
// See OpenID Connect for Identity Assurance for details.
//
// Since v1.1.5.
ForExternalAttachment bool `json:"forExternalAttachment,omitempty"`
// Token ID.
//
// Since v1.1.5.
TokenId string `json:"tokenId,omitempty"`
}
type TokenUpdateResponse ¶
type TokenUpdateResponse struct {
ApiResponse
//
Action TokenUpdateAction `json:"action,omitempty"`
//
AccessToken string `json:"accessToken,omitempty"`
//
TokenType string `json:"tokenType,omitempty"`
//
AccessTokenExpiresAt uint64 `json:"accessTokenExpiresAt,omitempty"`
//
Scopes []string `json:"scopes,omitempty"`
//
Properties []Property `json:"properties,omitempty"`
// Flag indicating whether the access token is for an external attachment.
// See OpenID Connect for Identity Assurance for details.
//
// Since v1.1.5.
ForExternalAttachment bool `json:"forExternalAttachment,omitempty"`
// Token ID.
//
// Since v1.1.5.
TokenId string `json:"tokenId,omitempty"`
}
type UserInfoAction ¶
type UserInfoAction string
type UserInfoIssueAction ¶
type UserInfoIssueAction string
type UserInfoIssueRequest ¶
type UserInfoIssueResponse ¶
type UserInfoIssueResponse struct {
ApiResponse
//
Action UserInfoIssueAction `json:"action,omitempty"`
//
ResponseContent string `json:"responseContent,omitempty"`
}
type UserInfoRequest ¶
type UserInfoResponse ¶
type UserInfoResponse struct {
ApiResponse
//
Action UserInfoAction `json:"action,omitempty"`
//
ClientId uint64 `json:"clientId,omitempty"`
//
Subject string `json:"subject,omitempty"`
//
Scopes []string `json:"scopes,omitempty"`
//
Claims []string `json:"claims,omitempty"`
//
Token string `json:"token,omitempty"`
//
ResponseContent string `json:"responseContent,omitempty"`
//
Properties []Property `json:"properties,omitempty"`
//
ClientIdAlias string `json:"clientIdAlias,omitempty"`
//
ClientIdAliasUsed bool `json:"clientIdAliasUsed,omitempty"`
//
UserInfoClaims string `json:"userInfoClaims,omitempty"`
//
ServiceAttributes []Pair `json:"serviceAttributes,omitempty"`
//
ClientAttributes []Pair `json:"clientAttributes,omitempty"`
}
Source Files
¶
- access_token.go
- address.go
- api_response.go
- authorization_action.go
- authorization_fail_action.go
- authorization_fail_reason.go
- authorization_fail_request.go
- authorization_fail_response.go
- authorization_issue_action.go
- authorization_issue_request.go
- authorization_issue_response.go
- authorization_request.go
- authorization_response.go
- authorized_client_list_response.go
- backchannel_authentication_action.go
- backchannel_authentication_complete_action.go
- backchannel_authentication_complete_request.go
- backchannel_authentication_complete_response.go
- backchannel_authentication_complete_result.go
- backchannel_authentication_fail_action.go
- backchannel_authentication_fail_reason.go
- backchannel_authentication_fail_request.go
- backchannel_authentication_fail_response.go
- backchannel_authentication_issue_action.go
- backchannel_authentication_issue_request.go
- backchannel_authentication_issue_response.go
- backchannel_authentication_request.go
- backchannel_authentication_response.go
- client.go
- client_authorization_delete_request.go
- client_authorization_get_list_response.go
- client_authorization_update_request.go
- client_extension.go
- client_list_response.go
- client_registration_action.go
- client_registration_request.go
- client_registration_response.go
- client_secret_refresh_response.go
- client_secret_update_request.go
- client_secret_update_response.go
- device_authorization_action.go
- device_authorization_request.go
- device_authorization_response.go
- device_compete_action.go
- device_complete_reponse.go
- device_complete_request.go
- device_complete_result.go
- device_verification_action.go
- device_verification_request.go
- device_verification_response.go
- dynamic_scope.go
- granted_scopes_get_response.go
- hsk.go
- hsk_action.go
- hsk_create_request.go
- hsk_list_action.go
- hsk_list_response.go
- hsk_response.go
- introspection_action.go
- introspection_request.go
- introspection_response.go
- jose_verify_request.go
- jose_verify_response.go
- named_uri.go
- pair.go
- property.go
- pushed_auth_req_action.go
- pushed_auth_req_request.go
- pushed_auth_req_response.go
- revocation_action.go
- revocation_request.go
- revocation_response.go
- scope.go
- service.go
- service_list_response.go
- sns_credentials.go
- standard_introspection_action.go
- standard_introspection_request.go
- standard_introspection_response.go
- tagged_value.go
- token_action.go
- token_create_action.go
- token_create_request.go
- token_create_response.go
- token_fail_action.go
- token_fail_reason.go
- token_fail_request.go
- token_fail_response.go
- token_info.go
- token_issue_action.go
- token_issue_request.go
- token_issue_response.go
- token_list_response.go
- token_request.go
- token_response.go
- token_update_action.go
- token_update_request.go
- token_update_response.go
- userinfo_action.go
- userinfo_issue_action.go
- userinfo_issue_request.go
- userinfo_issue_response.go
- userinfo_request.go
- userinfo_response.go
Click to show internal directories.
Click to hide internal directories.