Documentation ¶
Index ¶
- Variables
- func AppendIfNotExisted(targets []string, item string) []string
- func GenerateCodeChallenge(codeVerifier string) string
- func GenerateCodeVerifier() string
- func GenerateSignInUri(option *SignInUriGenerationOptions) (string, error)
- func GenerateSignOutUri(option *SignOutUriGenerationOptions) (string, error)
- func GenerateState() string
- func ParseSignedJwt(token string) (*jwt.JSONWebToken, error)
- func Revoke(client *http.Client, options *RevocationOptions) error
- func VerifyAndParseCodeFromCallbackUri(callbackUri, redirectUri, state string) (string, error)
- func VerifyIdToken(idToken, clientId, issuer string, jwks *jose.JSONWebKeySet) error
- type CodeTokenResponse
- type FetchTokenByAuthorizationCodeOptions
- type FetchTokenByRefreshTokenOptions
- type IdTokenClaims
- type JwksResponse
- type OidcConfigResponse
- type Organization
- type OrganizationAccessTokenClaims
- type RefreshTokenResponse
- type RevocationOptions
- type SignInUriGenerationOptions
- type SignOutUriGenerationOptions
- type UserInfoResponse
Constants ¶
This section is empty.
Variables ¶
// Reserved OIDC scope values. Both also appear in DefaultScopes.
//
// NOTE(review): these are package-level vars rather than consts, so any
// importing package can reassign them at runtime. Treat them as read-only.
var (
	// ReservedScopeOpenId is the "openid" scope value.
	ReservedScopeOpenId = "openid"
	// ReservedScopeOfflineAccess is the "offline_access" scope value. In OIDC
	// this is the scope that asks the provider to issue a refresh token.
	ReservedScopeOfflineAccess = "offline_access"
)
// User scope values. Each one widens the user data a token or userinfo
// response may carry, so request only the scopes the application needs.
//
// NOTE(review): which claims each scope unlocks is not visible on this page;
// the per-scope notes below are inferred from the names and from the fields
// of IdTokenClaims and UserInfoResponse. Confirm against the provider docs.
var (
	// UserScopeProfile is the "profile" scope value.
	UserScopeProfile = "profile"
	// UserScopeEmail is the "email" scope value.
	UserScopeEmail = "email"
	// UserScopePhone is the "phone" scope value.
	UserScopePhone = "phone"
	// UserScopeCustomData is the "custom_data" scope value; presumably tied to
	// UserInfoResponse.CustomData.
	UserScopeCustomData = "custom_data"
	// UserScopeIdentities is the "identities" scope value; presumably tied to
	// UserInfoResponse.Identities.
	UserScopeIdentities = "identities"
	// UserScopeRoles is the "roles" scope value.
	UserScopeRoles = "roles"
	// UserScopeOrganizations is the organizations scope URN.
	UserScopeOrganizations = "urn:logto:scope:organizations"
	// UserScopeOrganizationRoles is the organization-roles scope URN.
	UserScopeOrganizationRoles = "urn:logto:scope:organization_roles"
)
// Sentinel errors exported by the package. They are plain errors.New values,
// so callers should match them with errors.Is rather than by message text.
//
// NOTE(review): which function returns which error is not visible on this
// page. The grouping below is inferred from the names and from the
// parameters of VerifyIdToken and VerifyAndParseCodeFromCallbackUri.
// No sentinel for a signature failure is declared here, so that case
// presumably surfaces as an error from the underlying JWT library. Confirm
// before writing error handling that assumes this list is complete.
var (
	// ErrTokenIssuerNotMatch: the token's issuer is not the expected one.
	ErrTokenIssuerNotMatch = errors.New("token issuer not match")
	// ErrTokenAudienceNotMatch: the token's audience is not the expected one.
	ErrTokenAudienceNotMatch = errors.New("token audience not match")
	// ErrTokenExpired: the token is past its expiry.
	ErrTokenExpired = errors.New("token expired")
	// ErrTokenIssuedInTheFuture: the token's issue time is too far ahead of
	// now; presumably bounded by ISSUED_AT_RESTRICTIONS.
	ErrTokenIssuedInTheFuture = errors.New("token issued in the future")
	// ErrTokenIssuedInThePast: the token's issue time is too far behind now;
	// presumably bounded by ISSUED_AT_RESTRICTIONS.
	ErrTokenIssuedInThePast = errors.New("token issued in the past")
	// ErrCallbackUriNotMatchRedirectUri: the callback URI does not correspond
	// to the registered redirect URI.
	ErrCallbackUriNotMatchRedirectUri = errors.New("callback uri not match redirect uri")
	// ErrStateNotMatch: the state in the callback differs from the expected
	// state. Treat this as a rejected sign-in, not as a retryable condition.
	ErrStateNotMatch = errors.New("state not match")
	// ErrCodeNotFoundInCallbackUri: the callback URI carries no code value.
	ErrCodeNotFoundInCallbackUri = errors.New("code not found in callback uri")
)
// DefaultScopes holds the scopes openid, offline_access and profile.
//
// NOTE(review): presumably the baseline scope set for sign-in requests;
// confirm against GenerateSignInUri. Because offline_access is included, a
// default sign-in would ask for a refresh token; drop it where long-lived
// credentials are not wanted.
//
// This is an exported, mutable slice: an importer that appends to or
// overwrites it changes the value for every other user of the package.
// Copy it before modifying.
var (
	DefaultScopes = []string{
		ReservedScopeOpenId,
		ReservedScopeOfflineAccess,
		UserScopeProfile,
	}
)
// ISSUED_AT_RESTRICTIONS is a 60-second limit.
//
// NOTE(review): presumably the maximum accepted gap between a token's iat
// claim and the current time, enforced by VerifyIdToken and reported as
// ErrTokenIssuedInTheFuture / ErrTokenIssuedInThePast. Confirm.
//
// It is an exported var, so any importer can raise it at runtime and widen
// the acceptance window for every verification in the process.
var ISSUED_AT_RESTRICTIONS int64 = 60 // in seconds
// Reserved resource indicator values.
var (
	// ReservedResourceOrganization is the resource URN for organizations.
	// NOTE(review): presumably the resource to name when requesting an
	// organization token; confirm against the token-fetching options.
	// Exported var, so it can be reassigned by importers; treat it as read-only.
	ReservedResourceOrganization = "urn:logto:resource:organizations"
)
Functions ¶
func AppendIfNotExisted ¶
func GenerateCodeChallenge ¶
func GenerateCodeVerifier ¶
// GenerateCodeVerifier returns a code verifier string. The index pairs it
// with GenerateCodeChallenge(codeVerifier), i.e. the PKCE verifier/challenge.
//
// NOTE(review): the signature shows no entropy source and no error return.
// Confirm the value comes from crypto/rand and how a failed read is handled,
// since PKCE depends on the verifier being unguessable.
func GenerateCodeVerifier() string
func GenerateSignInUri ¶
func GenerateSignInUri(option *SignInUriGenerationOptions) (string, error)
func GenerateSignOutUri ¶
func GenerateSignOutUri(option *SignOutUriGenerationOptions) (string, error)
func GenerateState ¶
// GenerateState returns a state string.
//
// NOTE(review): presumably the value sent with the sign-in request and later
// passed as `state` to VerifyAndParseCodeFromCallbackUri, where a mismatch
// yields ErrStateNotMatch. The signature shows no entropy source and no
// error return; confirm the value comes from crypto/rand. The caller has to
// keep it bound to the user's session between the two calls.
func GenerateState() string
func ParseSignedJwt ¶
// ParseSignedJwt parses token into a *jwt.JSONWebToken.
//
// NOTE(review): no key or key set is passed in, so this call cannot check
// the signature against a caller-supplied key and is presumably parse-only.
// Treat anything read from the result as untrusted until VerifyIdToken has
// succeeded for the same token.
func ParseSignedJwt(token string) (*jwt.JSONWebToken, error)
func VerifyIdToken ¶
Types ¶
type CodeTokenResponse ¶
// CodeTokenResponse is the decoded JSON body of a token response, as returned
// by FetchTokenByAuthorizationCode and, via the RefreshTokenResponse alias,
// FetchTokenByRefreshToken.
//
// AccessToken, RefreshToken and IdToken are credentials. Keep values of this
// type out of logs and error messages, and store RefreshToken with the same
// care as a password.
type CodeTokenResponse struct {
	// AccessToken is decoded from "access_token".
	AccessToken string `json:"access_token"`
	// RefreshToken is decoded from "refresh_token". It is empty when the
	// response carries no such member.
	RefreshToken string `json:"refresh_token"`
	// IdToken is decoded from "id_token". It is stored as received; nothing in
	// this type shows it has been verified. See VerifyIdToken.
	IdToken string `json:"id_token"`
	// Scope is decoded from "scope".
	Scope string `json:"scope"`
	// ExpireIn is decoded from "expires_in"; presumably the access token
	// lifetime in seconds, as in OAuth 2.0. Confirm.
	ExpireIn int `json:"expires_in"`
}
func FetchTokenByAuthorizationCode ¶
func FetchTokenByAuthorizationCode(client *http.Client, options *FetchTokenByAuthorizationCodeOptions) (CodeTokenResponse, error)
type IdTokenClaims ¶
// IdTokenClaims is the set of ID token claims this package decodes. Each
// field is bound to the JSON member named in its tag.
//
// NOTE(review): DecodeIdToken, which returns this type, takes only the token
// string, so a populated IdTokenClaims is not evidence that the token was
// verified. Use the claims for authorization decisions only after
// VerifyIdToken has succeeded for the same token.
type IdTokenClaims struct {
	// Iss is the "iss" claim (issuer).
	Iss string `json:"iss"`
	// Sub is the "sub" claim (subject).
	Sub string `json:"sub"`
	// Aud is the "aud" claim (audience).
	// NOTE(review): declared as a single string, while OIDC allows "aud" to be
	// an array of strings. Confirm the provider always emits one value, and
	// how a multi-valued audience is handled when decoding.
	Aud string `json:"aud"`
	// Exp is the "exp" claim; presumably seconds since the Unix epoch. Confirm.
	Exp int64 `json:"exp"`
	// Iat is the "iat" claim; presumably seconds since the Unix epoch. Confirm.
	Iat int64 `json:"iat"`
	// AtHash is the "at_hash" claim.
	// NOTE(review): nothing on this page shows it being compared with the
	// access token. Confirm whether that check exists.
	AtHash string `json:"at_hash"`
	// Name is the "name" claim.
	Name string `json:"name"`
	// Username is the "username" claim.
	Username string `json:"username"`
	// Picture is the "picture" claim.
	Picture string `json:"picture"`
	// Email is the "email" claim. Check EmailVerified before relying on it.
	Email string `json:"email"`
	// EmailVerified is the "email_verified" claim.
	EmailVerified bool `json:"email_verified"`
	// PhoneNumber is the "phone_number" claim. Check PhoneNumberVerified
	// before relying on it.
	PhoneNumber string `json:"phone_number"`
	// PhoneNumberVerified is the "phone_number_verified" claim.
	PhoneNumberVerified bool `json:"phone_number_verified"`
	// Roles is the "roles" claim.
	Roles []string `json:"roles"`
	// Organizations is the "organizations" claim.
	Organizations []string `json:"organizations"`
	// OrganizationRoles is the "organization_roles" claim.
	OrganizationRoles []string `json:"organization_roles"`
}
func DecodeIdToken ¶
// DecodeIdToken decodes token into IdTokenClaims.
//
// NOTE(review): no key set, client ID or issuer is passed in, so this call
// cannot perform the checks VerifyIdToken takes those arguments for; it is
// presumably decode-only. Run VerifyIdToken on the same token before
// trusting the returned claims.
func DecodeIdToken(token string) (IdTokenClaims, error)
type JwksResponse ¶
type OidcConfigResponse ¶
// OidcConfigResponse is the decoded OIDC provider configuration document
// returned by FetchOidcConfig. Each field is bound to the JSON member named
// in its tag.
//
// Every URL here comes from the fetched document, so the values are only as
// trustworthy as the endpoint passed to FetchOidcConfig and the transport
// used to reach it. Fetch the document over HTTPS from a configured endpoint.
type OidcConfigResponse struct {
	// AuthorizationEndpoint is decoded from "authorization_endpoint".
	AuthorizationEndpoint string `json:"authorization_endpoint"`
	// TokenEndpoint is decoded from "token_endpoint".
	TokenEndpoint string `json:"token_endpoint"`
	// UserinfoEndpoint is decoded from "userinfo_endpoint".
	UserinfoEndpoint string `json:"userinfo_endpoint"`
	// EndSessionEndpoint is decoded from "end_session_endpoint".
	EndSessionEndpoint string `json:"end_session_endpoint"`
	// RevocationEndpoint is decoded from "revocation_endpoint".
	RevocationEndpoint string `json:"revocation_endpoint"`
	// JwksUri is decoded from "jwks_uri"; presumably where the key set passed
	// to VerifyIdToken is fetched from. Confirm.
	JwksUri string `json:"jwks_uri"`
	// Issuer is decoded from "issuer"; presumably the value to pass as the
	// issuer argument of VerifyIdToken. Confirm.
	Issuer string `json:"issuer"`
}
func FetchOidcConfig ¶
func FetchOidcConfig(client *http.Client, endpoint string) (OidcConfigResponse, error)
type Organization ¶
type RefreshTokenResponse ¶
// RefreshTokenResponse is an alias of CodeTokenResponse, not a distinct type:
// the two are interchangeable and share the same fields and JSON tags. It is
// the result type of FetchTokenByRefreshToken, and it carries the same
// credentials, so the same handling applies (no logging, protected storage).
type RefreshTokenResponse = CodeTokenResponse
func FetchTokenByRefreshToken ¶
func FetchTokenByRefreshToken(client *http.Client, options *FetchTokenByRefreshTokenOptions) (RefreshTokenResponse, error)
type RevocationOptions ¶
type UserInfoResponse ¶
// UserInfoResponse is the decoded JSON body returned by FetchUserInfo. Each
// field is bound to the JSON member named in its tag.
//
// The value holds personal data (email, phone number, identities), so avoid
// logging it whole.
type UserInfoResponse struct {
	// The user's unique ID.
	Sub string `json:"sub"`
	// The user's full name.
	Name string `json:"name"`
	// The user's username.
	Username string `json:"username"`
	// The user's profile picture URL.
	Picture string `json:"picture"`
	// The user's email address. Check EmailVerified before relying on it.
	Email string `json:"email"`
	// Whether the user's email address is verified.
	EmailVerified bool `json:"email_verified"`
	// The user's phone number. Check PhoneNumberVerified before relying on it.
	PhoneNumber string `json:"phone_number"`
	// Whether the user's phone number is verified.
	PhoneNumberVerified bool `json:"phone_number_verified"`
	// The user's custom data. The value types are not fixed by this struct,
	// so check each type assertion when reading from the map.
	CustomData map[string]interface{} `json:"custom_data"`
	// The user's social identities information. Untyped map, as with
	// CustomData.
	Identities map[string]interface{} `json:"identities"`
	// The role names of the current user.
	Roles []string `json:"roles"`
	// The IDs of the organizations the user is a member of.
	Organizations []string `json:"organizations"`
	// The organization roles that the user has.
	// Each role is in the format of `<organization_id>:<role_name>`.
	//
	// # Example #
	//
	// The following array indicates that the user is an admin of org1 and a
	// member of org2:
	//
	// ```go
	// {"org1:admin", "org2:member"}
	// ```
	OrganizationRoles []string `json:"organization_roles"`
	// The data of the organizations the user is a member of.
	OrganizationData []Organization `json:"organization_data"`
}
func FetchUserInfo ¶
// FetchUserInfo requests user information from userInfoEndpoint using
// accessToken and returns the decoded UserInfoResponse.
//
// NOTE(review): unlike FetchOidcConfig, FetchTokenByAuthorizationCode,
// FetchTokenByRefreshToken and Revoke, this function takes no *http.Client,
// so the caller cannot supply a client with its own timeout or transport.
// Confirm which client is used and that it has a timeout. accessToken is
// sent to whatever userInfoEndpoint names, so take that URL from trusted
// configuration (for example OidcConfigResponse.UserinfoEndpoint), never
// from request input.
func FetchUserInfo(userInfoEndpoint, accessToken string) (UserInfoResponse, error)