Documentation
¶
Index ¶
- type Config
- type DeviceAccessTokenRequest
- type DeviceAccessTokenResponse
- type DeviceAuthorizationRequest
- type DeviceAuthorizationResponse
- type OAuthTokenOrError
- type TokenOrchestrator
- func (t TokenOrchestrator) FetchTokenFromAuthFlow(ctx context.Context) (*oauth2.Token, error)
- func (t TokenOrchestrator) PollTokenEndpoint(ctx context.Context, tokReq DeviceAccessTokenRequest, ...) (*oauth2.Token, error)
- func (t TokenOrchestrator) StartDeviceAuthorization(ctx context.Context, dareq DeviceAuthorizationRequest) (*DeviceAuthorizationResponse, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
TokenRefreshGracePeriod config.Duration `json:"refreshTime" pflag:",grace period from the token expiry after which it would refresh the token."`
Timeout config.Duration `json:"timeout" pflag:",amount of time the device flow should complete or else it will be cancelled."`
PollInterval config.Duration `` /* 182-byte string literal not displayed */
}
Config defines settings used for Device orchestration flow.
type DeviceAccessTokenRequest ¶
type DeviceAccessTokenRequest struct {
// ClientID is the client identifier issued to the client during the registration process of OAuth app with the authorization server
ClientID string `json:"client_id"`
// DeviceCode unique device code generated by the authorization server.
DeviceCode string `json:"device_code"`
// Value MUST be set to "urn:ietf:params:oauth:grant-type:device_code"
GrantType string `json:"grant_type"`
}
type DeviceAuthorizationRequest ¶
type DeviceAuthorizationRequest struct {
// ClientID is the client identifier issued to the client during the registration process of OAuth app with the authorization server
ClientID string `json:"client_id"`
// Scope is the scope parameter of the access request
Scope string `json:"scope"`
// Audience defines at which endpoints the token can be used.
Audience string `json:"audience"`
}
DeviceAuthorizationRequest sent to authorization server directly from the client app
type DeviceAuthorizationResponse ¶
type DeviceAuthorizationResponse struct {
// DeviceCode unique device code generated by the authorization server.
DeviceCode string `json:"device_code"`
// UserCode unique code generated for the user to enter on another device
UserCode string `json:"user_code"`
// VerificationURI url endpoint of the authorization server which host the device and app verification
VerificationURI string `json:"verification_uri"`
// VerificationURIComplete url endpoint of the authorization server which host the device and app verification along with user code
VerificationURIComplete string `json:"verification_uri_complete"`
// ExpiresIn lifetime in seconds of the "device_code" and "user_code"
ExpiresIn int64 `json:"expires_in"`
// Interval minimum amount of time in secs the client app should wait between polling requests to the token endpoint.
Interval int64 `json:"interval"`
}
DeviceAuthorizationResponse contains the information that the end user would use to authorize the app requesting the resource access.
type OAuthTokenOrError ¶
OAuthTokenOrError containing the token
type TokenOrchestrator ¶
type TokenOrchestrator struct {
Config Config
tokenorchestrator.BaseTokenOrchestrator
}
TokenOrchestrator implements the main logic to initiate device authorization flow
func NewDeviceFlowTokenOrchestrator ¶
func NewDeviceFlowTokenOrchestrator(baseOrchestrator tokenorchestrator.BaseTokenOrchestrator, cfg Config) (TokenOrchestrator, error)
NewDeviceFlowTokenOrchestrator creates a new TokenOrchestrator that implements the main logic to start device authorization flow and fetch device code and then poll on the token endpoint until the device authorization is approved/denied by the user
func (TokenOrchestrator) FetchTokenFromAuthFlow ¶
FetchTokenFromAuthFlow starts a webserver to listen to redirect callback from the authorization server at the end of the flow. It then launches the browser to authenticate the user.
func (TokenOrchestrator) PollTokenEndpoint ¶
func (t TokenOrchestrator) PollTokenEndpoint(ctx context.Context, tokReq DeviceAccessTokenRequest, pollInterval time.Duration) (*oauth2.Token, error)
PollTokenEndpoint polls the token endpoint until the user authorizes/ denies the app or an error occurs other than slow_down or authorization_pending
func (TokenOrchestrator) StartDeviceAuthorization ¶
func (t TokenOrchestrator) StartDeviceAuthorization(ctx context.Context, dareq DeviceAuthorizationRequest) (*DeviceAuthorizationResponse, error)
StartDeviceAuthorization will initiate the OAuth2 device authorization flow.
Source Files