The highest tagged major version is
Documentation
¶
Overview ¶
Package oauth1 enables management of OpenStack OAuth1 tokens and Authentication.
Example to Create an OAuth1 Consumer
createConsumerOpts := oauth1.CreateConsumerOpts{
Description: "My consumer",
}
consumer, err := oauth1.CreateConsumer(identityClient, createConsumerOpts).Extract()
if err != nil {
panic(err)
}
// NOTE: Consumer secret is available only on create response
fmt.Printf("Consumer: %+v\n", consumer)
Example to Request an unauthorized OAuth1 token
requestTokenOpts := oauth1.RequestTokenOpts{
OAuthConsumerKey: consumer.ID,
OAuthConsumerSecret: consumer.Secret,
OAuthSignatureMethod: oauth1.HMACSHA1,
RequestedProjectID: projectID,
}
requestToken, err := oauth1.RequestToken(identityClient, requestTokenOpts).Extract()
if err != nil {
panic(err)
}
// NOTE: Request token secret is available only on request response
fmt.Printf("Request token: %+v\n", requestToken)
Example to Authorize an unauthorized OAuth1 token
authorizeTokenOpts := oauth1.AuthorizeTokenOpts{
Roles: []oauth1.Role{
{Name: "member"},
},
}
authToken, err := oauth1.AuthorizeToken(identityClient, requestToken.OAuthToken, authorizeTokenOpts).Extract()
if err != nil {
panic(err)
}
fmt.Printf("Verifier ID of the unauthorized Token: %+v\n", authToken.OAuthVerifier)
Example to Create an OAuth1 Access Token
accessTokenOpts := oauth1.CreateAccessTokenOpts{
OAuthConsumerKey: consumer.ID,
OAuthConsumerSecret: consumer.Secret,
OAuthToken: requestToken.OAuthToken,
OAuthTokenSecret: requestToken.OAuthTokenSecret,
OAuthVerifier: authToken.OAuthVerifier,
OAuthSignatureMethod: oauth1.HMACSHA1,
}
accessToken, err := oauth1.CreateAccessToken(identityClient, accessTokenOpts).Extract()
if err != nil {
panic(err)
}
// NOTE: Access token secret is available only on create response
fmt.Printf("OAuth1 Access Token: %+v\n", accessToken)
Example to List User's OAuth1 Access Tokens
allPages, err := oauth1.ListAccessTokens(identityClient, userID).AllPages()
if err != nil {
panic(err)
}
accessTokens, err := oauth1.ExtractAccessTokens(allPages)
if err != nil {
panic(err)
}
for _, accessToken := range accessTokens {
fmt.Printf("Access Token: %+v\n", accessToken)
}
Example to Authenticate a client using OAuth1 method
client, err := openstack.NewClient("http://localhost:5000/v3")
if err != nil {
panic(err)
}
authOptions := &oauth1.AuthOptions{
// consumer token, created earlier
OAuthConsumerKey: consumer.ID,
OAuthConsumerSecret: consumer.Secret,
// access token, created earlier
OAuthToken: accessToken.OAuthToken,
OAuthTokenSecret: accessToken.OAuthTokenSecret,
OAuthSignatureMethod: oauth1.HMACSHA1,
}
err = openstack.AuthenticateV3(client, authOptions, gophercloud.EndpointOpts{})
if err != nil {
panic(err)
}
Example to Create a Token using OAuth1 method
var oauth1Token struct {
tokens.Token
oauth1.TokenExt
}
createOpts := &oauth1.AuthOptions{
// consumer token, created earlier
OAuthConsumerKey: consumer.ID,
OAuthConsumerSecret: consumer.Secret,
// access token, created earlier
OAuthToken: accessToken.OAuthToken,
OAuthTokenSecret: accessToken.OAuthTokenSecret,
OAuthSignatureMethod: oauth1.HMACSHA1,
}
err := tokens.Create(identityClient, createOpts).ExtractInto(&oauth1Token)
if err != nil {
panic(err)
}
Index ¶
- func Create(client *gophercloud.ServiceClient, opts tokens.AuthOptionsBuilder) (r tokens.CreateResult)
- func ListAccessTokenRoles(client *gophercloud.ServiceClient, userID string, id string) pagination.Pager
- func ListAccessTokens(client *gophercloud.ServiceClient, userID string) pagination.Pager
- func ListConsumers(client *gophercloud.ServiceClient) pagination.Pager
- type AccessToken
- type AccessTokenRole
- type AccessTokenRolesPage
- type AccessTokensPage
- type AuthOptions
- func (opts AuthOptions) CanReauth() bool
- func (opts AuthOptions) ToTokenV3CreateMap(map[string]interface{}) (map[string]interface{}, error)
- func (opts AuthOptions) ToTokenV3HeadersMap(headerOpts map[string]interface{}) (map[string]string, error)
- func (opts AuthOptions) ToTokenV3ScopeMap() (map[string]interface{}, error)
- type AuthorizeTokenOpts
- type AuthorizeTokenOptsBuilder
- type AuthorizeTokenResult
- type AuthorizedToken
- type Consumer
- type ConsumersPage
- type CreateAccessTokenOpts
- type CreateAccessTokenOptsBuilder
- type CreateConsumerOpts
- type CreateConsumerOptsBuilder
- type CreateConsumerResult
- type DeleteConsumerResult
- type GetAccessTokenResult
- type GetAccessTokenRoleResult
- type GetConsumerResult
- type OAuth1
- type RequestTokenOpts
- type RequestTokenOptsBuilder
- type RevokeAccessTokenResult
- type Role
- type SignatureMethod
- type Token
- type TokenExt
- type TokenResult
- type UpdateConsumerOpts
- type UpdateConsumerResult
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Create ¶
func Create(client *gophercloud.ServiceClient, opts tokens.AuthOptionsBuilder) (r tokens.CreateResult)
Create authenticates and either generates a new OpenStack token from an OAuth1 token.
func ListAccessTokenRoles ¶
func ListAccessTokenRoles(client *gophercloud.ServiceClient, userID string, id string) pagination.Pager
ListAccessTokenRoles enumerates authorized access token roles.
func ListAccessTokens ¶
func ListAccessTokens(client *gophercloud.ServiceClient, userID string) pagination.Pager
ListAccessTokens enumerates authorized access tokens.
func ListConsumers ¶
func ListConsumers(client *gophercloud.ServiceClient) pagination.Pager
List enumerates Consumers.
Types ¶
type AccessToken ¶
type AccessToken struct {
ID string `json:"id"`
ConsumerID string `json:"consumer_id"`
ProjectID string `json:"project_id"`
AuthorizingUserID string `json:"authorizing_user_id"`
ExpiresAt *time.Time `json:"-"`
}
AccessToken represents an AccessToken response as a struct.
func ExtractAccessTokens ¶
func ExtractAccessTokens(r pagination.Page) ([]AccessToken, error)
ExtractAccessTokens returns a slice of AccessTokens contained in a single page of results.
func (*AccessToken) UnmarshalJSON ¶
func (r *AccessToken) UnmarshalJSON(b []byte) error
type AccessTokenRole ¶
type AccessTokenRole struct {
ID string `json:"id"`
Name string `json:"name"`
DomainID string `json:"domain_id"`
}
AccessTokenRole represents an Access Token Role struct.
func ExtractAccessTokenRoles ¶
func ExtractAccessTokenRoles(r pagination.Page) ([]AccessTokenRole, error)
ExtractAccessTokenRoles returns a slice of AccessTokenRole contained in a single page of results.
type AccessTokenRolesPage ¶
type AccessTokenRolesPage struct {
pagination.LinkedPageBase
}
AccessTokenRolesPage is a single page of Access Token roles results.
func (AccessTokenRolesPage) IsEmpty ¶
func (r AccessTokenRolesPage) IsEmpty() (bool, error)
IsEmpty determines whether or not a an AccessTokensPage contains any results.
func (AccessTokenRolesPage) NextPageURL ¶
func (r AccessTokenRolesPage) NextPageURL() (string, error)
NextPageURL extracts the "next" link from the links section of the result.
type AccessTokensPage ¶
type AccessTokensPage struct {
pagination.LinkedPageBase
}
AccessTokensPage is a single page of Access Tokens results.
func (AccessTokensPage) IsEmpty ¶
func (r AccessTokensPage) IsEmpty() (bool, error)
IsEmpty determines whether or not a an AccessTokensPage contains any results.
func (AccessTokensPage) NextPageURL ¶
func (r AccessTokensPage) NextPageURL() (string, error)
NextPageURL extracts the "next" link from the links section of the result.
type AuthOptions ¶
type AuthOptions struct {
// OAuthConsumerKey is the OAuth1 Consumer Key.
OAuthConsumerKey string `q:"oauth_consumer_key" required:"true"`
// OAuthConsumerSecret is the OAuth1 Consumer Secret. Used to generate
// an OAuth1 request signature.
OAuthConsumerSecret string `required:"true"`
// OAuthToken is the OAuth1 Request Token.
OAuthToken string `q:"oauth_token" required:"true"`
// OAuthTokenSecret is the OAuth1 Request Token Secret. Used to generate
// an OAuth1 request signature.
OAuthTokenSecret string `required:"true"`
// OAuthSignatureMethod is the OAuth1 signature method the Consumer used
// to sign the request. Supported values are "HMAC-SHA1" or "PLAINTEXT".
// "PLAINTEXT" is not recommended for production usage.
OAuthSignatureMethod SignatureMethod `q:"oauth_signature_method" required:"true"`
// OAuthTimestamp is an OAuth1 request timestamp. If nil, current Unix
// timestamp will be used.
OAuthTimestamp *time.Time
// OAuthNonce is an OAuth1 request nonce. Nonce must be a random string,
// uniquely generated for each request. Will be generated automatically
// when it is not set.
OAuthNonce string `q:"oauth_nonce"`
// AllowReauth allows Gophercloud to re-authenticate automatically
// if/when your token expires.
AllowReauth bool
}
AuthOptions represents options for authenticating a user using OAuth1 tokens.
func (AuthOptions) CanReauth ¶
func (opts AuthOptions) CanReauth() bool
CanReauth allows AuthOptions to satisfy the tokens.AuthOptionsBuilder interface.
func (AuthOptions) ToTokenV3CreateMap ¶
func (opts AuthOptions) ToTokenV3CreateMap(map[string]interface{}) (map[string]interface{}, error)
ToTokenV3CreateMap builds a create request body.
func (AuthOptions) ToTokenV3HeadersMap ¶
func (opts AuthOptions) ToTokenV3HeadersMap(headerOpts map[string]interface{}) (map[string]string, error)
ToTokenV3HeadersMap builds the headers required for an OAuth1-based create request.
func (AuthOptions) ToTokenV3ScopeMap ¶
func (opts AuthOptions) ToTokenV3ScopeMap() (map[string]interface{}, error)
ToTokenV3ScopeMap allows AuthOptions to satisfy the tokens.AuthOptionsBuilder interface.
type AuthorizeTokenOpts ¶
type AuthorizeTokenOpts struct {
Roles []Role `json:"roles"`
}
AuthorizeTokenOpts provides options used to authorize a request token.
func (AuthorizeTokenOpts) ToOAuth1AuthorizeTokenMap ¶
func (opts AuthorizeTokenOpts) ToOAuth1AuthorizeTokenMap() (map[string]interface{}, error)
ToOAuth1AuthorizeTokenMap formats an AuthorizeTokenOpts into an authorize token request.
type AuthorizeTokenOptsBuilder ¶
type AuthorizeTokenOptsBuilder interface {
ToOAuth1AuthorizeTokenMap() (map[string]interface{}, error)
}
AuthorizeTokenOptsBuilder allows extensions to add additional parameters to the AuthorizeToken request.
type AuthorizeTokenResult ¶
type AuthorizeTokenResult struct {
gophercloud.Result
}
func AuthorizeToken ¶
func AuthorizeToken(client *gophercloud.ServiceClient, id string, opts AuthorizeTokenOptsBuilder) (r AuthorizeTokenResult)
AuthorizeToken authorizes an unauthorized consumer token.
func (AuthorizeTokenResult) Extract ¶
func (r AuthorizeTokenResult) Extract() (*AuthorizedToken, error)
Extract interprets AuthorizeTokenResult result as a AuthorizedToken.
type AuthorizedToken ¶
type AuthorizedToken struct {
// OAuthVerifier is the ID of the token verifier.
OAuthVerifier string `json:"oauth_verifier"`
}
AuthorizedToken contains an OAuth1 authorized token info.
type Consumer ¶
type Consumer struct {
ID string `json:"id"`
Secret string `json:"secret"`
Description string `json:"description"`
}
Consumer represents a delegated authorization request between two identities.
func ExtractConsumers ¶
func ExtractConsumers(r pagination.Page) ([]Consumer, error)
ExtractConsumers returns a slice of Consumers contained in a single page of results.
type ConsumersPage ¶
type ConsumersPage struct {
pagination.LinkedPageBase
}
ConsumersPage is a single page of Region results.
func (ConsumersPage) IsEmpty ¶
func (c ConsumersPage) IsEmpty() (bool, error)
IsEmpty determines whether or not a page of Consumers contains any results.
func (ConsumersPage) NextPageURL ¶
func (c ConsumersPage) NextPageURL() (string, error)
NextPageURL extracts the "next" link from the links section of the result.
type CreateAccessTokenOpts ¶
type CreateAccessTokenOpts struct {
// OAuthConsumerKey is the OAuth1 Consumer Key.
OAuthConsumerKey string `q:"oauth_consumer_key" required:"true"`
// OAuthConsumerSecret is the OAuth1 Consumer Secret. Used to generate
// an OAuth1 request signature.
OAuthConsumerSecret string `required:"true"`
// OAuthToken is the OAuth1 Request Token.
OAuthToken string `q:"oauth_token" required:"true"`
// OAuthTokenSecret is the OAuth1 Request Token Secret. Used to generate
// an OAuth1 request signature.
OAuthTokenSecret string `required:"true"`
// OAuthVerifier is the OAuth1 verification code.
OAuthVerifier string `q:"oauth_verifier" required:"true"`
// OAuthSignatureMethod is the OAuth1 signature method the Consumer used
// to sign the request. Supported values are "HMAC-SHA1" or "PLAINTEXT".
// "PLAINTEXT" is not recommended for production usage.
OAuthSignatureMethod SignatureMethod `q:"oauth_signature_method" required:"true"`
// OAuthTimestamp is an OAuth1 request timestamp. If nil, current Unix
// timestamp will be used.
OAuthTimestamp *time.Time
// OAuthNonce is an OAuth1 request nonce. Nonce must be a random string,
// uniquely generated for each request. Will be generated automatically
// when it is not set.
OAuthNonce string `q:"oauth_nonce"`
}
CreateAccessTokenOpts provides options used to create an OAuth1 token.
func (CreateAccessTokenOpts) ToOAuth1CreateAccessTokenHeaders ¶
func (opts CreateAccessTokenOpts) ToOAuth1CreateAccessTokenHeaders(method, u string) (map[string]string, error)
ToOAuth1CreateAccessTokenHeaders formats a CreateAccessTokenOpts into a map of request headers.
type CreateAccessTokenOptsBuilder ¶
type CreateAccessTokenOptsBuilder interface {
ToOAuth1CreateAccessTokenHeaders(string, string) (map[string]string, error)
}
CreateAccessTokenOptsBuilder allows extensions to add additional parameters to the CreateAccessToken request.
type CreateConsumerOpts ¶
type CreateConsumerOpts struct {
// Description is the consumer description.
Description string `json:"description"`
}
CreateConsumerOpts provides options used to create a new Consumer.
func (CreateConsumerOpts) ToOAuth1CreateConsumerMap ¶
func (opts CreateConsumerOpts) ToOAuth1CreateConsumerMap() (map[string]interface{}, error)
ToOAuth1CreateConsumerMap formats a CreateConsumerOpts into a create request.
type CreateConsumerOptsBuilder ¶
type CreateConsumerOptsBuilder interface {
ToOAuth1CreateConsumerMap() (map[string]interface{}, error)
}
CreateConsumerOptsBuilder allows extensions to add additional parameters to the CreateConsumer request.
type CreateConsumerResult ¶
type CreateConsumerResult struct {
// contains filtered or unexported fields
}
CreateConsumerResult is the response from a Create operation. Call its Extract method to interpret it as a Consumer.
func CreateConsumer ¶
func CreateConsumer(client *gophercloud.ServiceClient, opts CreateConsumerOptsBuilder) (r CreateConsumerResult)
Create creates a new Consumer.
type DeleteConsumerResult ¶
type DeleteConsumerResult struct {
gophercloud.ErrResult
}
DeleteConsumerResult is the response from a Delete operation. Call its ExtractErr to determine if the request succeeded or failed.
func DeleteConsumer ¶
func DeleteConsumer(client *gophercloud.ServiceClient, id string) (r DeleteConsumerResult)
Delete deletes a Consumer.
type GetAccessTokenResult ¶
type GetAccessTokenResult struct {
gophercloud.Result
}
func GetAccessToken ¶
func GetAccessToken(client *gophercloud.ServiceClient, userID string, id string) (r GetAccessTokenResult)
GetAccessToken retrieves details on a single OAuth1 access token by an ID.
func (GetAccessTokenResult) Extract ¶
func (r GetAccessTokenResult) Extract() (*AccessToken, error)
Extract interprets any GetAccessTokenResult result as an AccessToken.
type GetAccessTokenRoleResult ¶
type GetAccessTokenRoleResult struct {
gophercloud.Result
}
func GetAccessTokenRole ¶
func GetAccessTokenRole(client *gophercloud.ServiceClient, userID string, id string, roleID string) (r GetAccessTokenRoleResult)
GetAccessTokenRole retrieves details on a single OAuth1 access token role by an ID.
func (GetAccessTokenRoleResult) Extract ¶
func (r GetAccessTokenRoleResult) Extract() (*AccessTokenRole, error)
Extract interprets any GetAccessTokenRoleResult result as an AccessTokenRole.
type GetConsumerResult ¶
type GetConsumerResult struct {
// contains filtered or unexported fields
}
GetConsumerResult is the response from a Get operation. Call its Extract method to interpret it as a Consumer.
func GetConsumer ¶
func GetConsumer(client *gophercloud.ServiceClient, id string) (r GetConsumerResult)
GetConsumer retrieves details on a single Consumer by ID.
type OAuth1 ¶
type OAuth1 struct {
AccessTokenID string `json:"access_token_id"`
ConsumerID string `json:"consumer_id"`
}
OAuth1 is an OAuth1 object, returned in OAuth1 token result.
type RequestTokenOpts ¶
type RequestTokenOpts struct {
// OAuthConsumerKey is the OAuth1 Consumer Key.
OAuthConsumerKey string `q:"oauth_consumer_key" required:"true"`
// OAuthConsumerSecret is the OAuth1 Consumer Secret. Used to generate
// an OAuth1 request signature.
OAuthConsumerSecret string `required:"true"`
// OAuthSignatureMethod is the OAuth1 signature method the Consumer used
// to sign the request. Supported values are "HMAC-SHA1" or "PLAINTEXT".
// "PLAINTEXT" is not recommended for production usage.
OAuthSignatureMethod SignatureMethod `q:"oauth_signature_method" required:"true"`
// OAuthTimestamp is an OAuth1 request timestamp. If nil, current Unix
// timestamp will be used.
OAuthTimestamp *time.Time
// OAuthNonce is an OAuth1 request nonce. Nonce must be a random string,
// uniquely generated for each request. Will be generated automatically
// when it is not set.
OAuthNonce string `q:"oauth_nonce"`
// RequestedProjectID is a Project ID a consumer user requested an
// access to.
RequestedProjectID string `h:"Requested-Project-Id"`
}
RequestTokenOpts provides options used to get a consumer unauthorized request token.
func (RequestTokenOpts) ToOAuth1RequestTokenHeaders ¶
func (opts RequestTokenOpts) ToOAuth1RequestTokenHeaders(method, u string) (map[string]string, error)
ToOAuth1RequestTokenHeaders formats a RequestTokenOpts into a map of request headers.
type RequestTokenOptsBuilder ¶
type RequestTokenOptsBuilder interface {
ToOAuth1RequestTokenHeaders(string, string) (map[string]string, error)
}
RequestTokenOptsBuilder allows extensions to add additional parameters to the RequestToken request.
type RevokeAccessTokenResult ¶
type RevokeAccessTokenResult struct {
gophercloud.ErrResult
}
RevokeAccessTokenResult is the response from a Delete operation. Call its ExtractErr to determine if the request succeeded or failed.
func RevokeAccessToken ¶
func RevokeAccessToken(client *gophercloud.ServiceClient, userID string, id string) (r RevokeAccessTokenResult)
RevokeAccessToken revokes an OAuth1 access token.
type SignatureMethod ¶
type SignatureMethod string
Type SignatureMethod is a OAuth1 SignatureMethod type.
const ( // HMACSHA1 is a recommended OAuth1 signature method. HMACSHA1 SignatureMethod = "HMAC-SHA1" // PLAINTEXT signature method is not recommended to be used in // production environment. PLAINTEXT SignatureMethod = "PLAINTEXT" // OAuth1TokenContentType is a supported content type for an OAuth1 // token. OAuth1TokenContentType = "application/x-www-form-urlencoded" )
type Token ¶
type Token struct {
// OAuthToken is the key value for the oauth token that the Identity API returns.
OAuthToken string `q:"oauth_token"`
// OAuthTokenSecret is the secret value associated with the OAuth Token.
OAuthTokenSecret string `q:"oauth_token_secret"`
// OAuthExpiresAt is the date and time when an OAuth token expires.
OAuthExpiresAt *time.Time `q:"-"`
}
Token contains an OAuth1 token.
type TokenExt ¶
type TokenExt struct {
OAuth1 OAuth1 `json:"OS-OAUTH1"`
}
TokenExt represents an extension of the base token result.
type TokenResult ¶
type TokenResult struct {
gophercloud.Result
Body []byte
}
TokenResult is a struct to handle "Content-Type: application/x-www-form-urlencoded" response.
func CreateAccessToken ¶
func CreateAccessToken(client *gophercloud.ServiceClient, opts CreateAccessTokenOptsBuilder) (r TokenResult)
CreateAccessToken creates a new OAuth1 Access Token
func RequestToken ¶
func RequestToken(client *gophercloud.ServiceClient, opts RequestTokenOptsBuilder) (r TokenResult)
RequestToken requests an unauthorized OAuth1 Token.
func (TokenResult) Extract ¶
func (r TokenResult) Extract() (*Token, error)
Extract interprets any OAuth1 token result as a Token.
type UpdateConsumerOpts ¶
type UpdateConsumerOpts struct {
// Description is the consumer description.
Description string `json:"description"`
}
UpdateConsumerOpts provides options used to update a consumer.
func (UpdateConsumerOpts) ToOAuth1UpdateConsumerMap ¶
func (opts UpdateConsumerOpts) ToOAuth1UpdateConsumerMap() (map[string]interface{}, error)
ToOAuth1UpdateConsumerMap formats an UpdateConsumerOpts into a consumer update request.
type UpdateConsumerResult ¶
type UpdateConsumerResult struct {
// contains filtered or unexported fields
}
UpdateConsumerResult is the response from a Create operation. Call its Extract method to interpret it as a Consumer.
func UpdateConsumer ¶
func UpdateConsumer(client *gophercloud.ServiceClient, id string, opts UpdateConsumerOpts) (r UpdateConsumerResult)
UpdateConsumer updates an existing Consumer.
Source Files