Documentation
¶
Index ¶
- func AccessTokenCookieKey() string
- func AccessTokenExpirationCookieKey() string
- func AccessTokenHeaderKey() string
- func GetAccessToken(ctx context.Context) (string, error)
- func RefreshTokenCookieKey() string
- type Authenticator
- func (a *Authenticator) GetTokenCookiesFromAuthToken(ctx context.Context, authorizationToken string, sc *securecookie.SecureCookie) ([]*http.Cookie, error)
- func (a *Authenticator) RefreshTokenConsentUrl() string
- func (a *Authenticator) TrySetCookieAuthContext(w http.ResponseWriter, r *http.Request, sc *securecookie.SecureCookie) (http.ResponseWriter, *http.Request, bool, error)
- func (a *Authenticator) TrySetHeaderAuthContext(request *http.Request) (*http.Request, bool)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AccessTokenCookieKey ¶
func AccessTokenCookieKey() string
func AccessTokenExpirationCookieKey ¶
func AccessTokenExpirationCookieKey() string
func AccessTokenHeaderKey ¶
func AccessTokenHeaderKey() string
func RefreshTokenCookieKey ¶
func RefreshTokenCookieKey() string
Types ¶
type Authenticator ¶
type Authenticator struct {
// contains filtered or unexported fields
}
func NewAuthenticator ¶
func (*Authenticator) GetTokenCookiesFromAuthToken ¶
func (a *Authenticator) GetTokenCookiesFromAuthToken(ctx context.Context, authorizationToken string, sc *securecookie.SecureCookie) ([]*http.Cookie, error)
func (*Authenticator) RefreshTokenConsentUrl ¶
func (a *Authenticator) RefreshTokenConsentUrl() string
func (*Authenticator) TrySetCookieAuthContext ¶
func (a *Authenticator) TrySetCookieAuthContext(w http.ResponseWriter, r *http.Request, sc *securecookie.SecureCookie) (http.ResponseWriter, *http.Request, bool, error)
TrySetCookieAuthContext - gqlgen gives us the context in the resolver, but does not expose any way to alter it midflight specifically, the generated handler functions hand off a context to the resolver, and then hand the same context to the marshaller. so we're doing everything before it gets there. this means that even requests that don't NEED an access token will have it refreshed when expired. Given this is only every 30 minutes per user, it's not the worst. But given we don't plan to be harsh on view access, it's unavoidable major overkill.
func (*Authenticator) TrySetHeaderAuthContext ¶
Source Files
Click to show internal directories.
Click to hide internal directories.