Documentation ¶
Overview ¶
Package server provides an http oauth REST API
Index ¶
- Constants
- Variables
- func EnsureURI(uri string, search []string, r ...*http.Request) (*url.URL, error)
- func VerifySend(ctx context.Context, params *VerifySendParams) error
- type AuthorizeParams
- type JWKSInput
- type LoginParams
- type LogoutParams
- type OIDConfigInput
- type Option
- type PasswordCreateParams
- type PasswordType
- type PasswordUpdateParams
- type RedirectError
- type Server
- type SessionParams
- type SignupParams
- type TokenParams
- type UserInfoUpdateParams
- type VerifyParams
- type VerifySendParams
Constants ¶
const (
// AuthRequestParam is the name of the request token parameter
AuthRequestParam = "request_token"
)
Variables ¶
var ( // ErrMissingParameter is returned when a parameter is missing ErrMissingParameter = func(u *url.URL, param string) api.Responder { return api.ErrorRedirect(u, http.StatusBadRequest, "%s required", param) } // ErrInvalidParameter is returned when a parameter is valid ErrInvalidParameter = func(u *url.URL, param string) api.Responder { return api.ErrorRedirect(u, http.StatusBadRequest, "%s is not valid", param) } // ErrInvalidContext is returned when the context can not be resolved ErrInvalidContext = func(u *url.URL) api.Responder { return api.ErrorRedirect(u, http.StatusForbidden, "invalid context") } // ErrExpiredRequestToken is returned when the token is expired ErrExpiredRequestToken = func(u *url.URL) api.Responder { return api.ErrorRedirect(u, http.StatusUnauthorized, "request token is expired") } // ErrUserNotFound is returned when the user is not found ErrUserNotFound = func(u *url.URL) api.Responder { return api.ErrorRedirect(u, http.StatusUnauthorized, "user does not exist") } ErrUnauthorizedRediretURI = func(u *url.URL) api.Responder { return api.ErrorRedirect(u, http.StatusForbidden, "unauthorized redirect_uri") } ErrUnauthorized = func(u *url.URL, reason string) api.Responder { return api.ErrorRedirect(u, http.StatusUnauthorized, reason) } )
var (
// DefaultCodeChallengeMethod is the only challenge method
DefaultCodeChallengeMethod = "plain"
)
Functions ¶
func VerifySend ¶ added in v0.1.10
func VerifySend(ctx context.Context, params *VerifySendParams) error
VerifySend sends a verification to the user
Types ¶
type AuthorizeParams ¶
type AuthorizeParams struct { AppURI *string `json:"app_uri"` Audience *string `json:"audience,omitempty"` ClientID string `json:"client_id"` CodeChallenge *string `json:"code_challenge"` CodeChallengeMethod *string `json:"code_challenge_method,omitempty"` RedirectURI *string `json:"redirect_uri"` ResponseType string `json:"response_type"` Scope []string `json:"scope"` State *string `json:"state,omitempty"` Nonce *string `json:"nonce,omitempty"` }
AuthorizeParams contains all the bound params for the authorize operation
func (*AuthorizeParams) Validate ¶
func (p *AuthorizeParams) Validate() error
Validate validates the params
type JWKSInput ¶ added in v0.1.2
type JWKSInput struct { }
JWKSInput is the input for the jwks route
type LoginParams ¶
type LoginParams struct { Login string `json:"login"` Password string `json:"password"` RequestToken string `json:"request_token"` }
LoginParams contains all the bound params for the login operation
type LogoutParams ¶
type LogoutParams struct { Audience *string `json:"audience,omitempty"` ClientID *string `json:"client_id"` RedirectURI *string `json:"redirect_uri,omitempty"` PostLogoutRedirectURI *string `json:"post_logout_redirect_uri,omitempty"` TokenHint *string `json:"id_token_hint,omitempty"` State *string `json:"state"` }
LogoutParams contains all the bound params for the logout operation
func (LogoutParams) Validate ¶
func (p LogoutParams) Validate() error
Validate validates LogoutParams
type OIDConfigInput ¶ added in v0.1.2
type OIDConfigInput struct { }
OIDConfigInput is the input for the jwks route
type Option ¶
type Option func(s *Server)
Option provides the server options, these will override th defaults and instance values.
func WithAllowedGrants ¶
func WithAllowedGrants(g oauth.Permissions) Option
WithAllowedGrants sets allowed grants
func WithAuthorizer ¶
func WithAuthorizer(a oauth.Authorizer) Option
WithAuthorizer sets the oauth.Authorizer for the necessary calls
func WithCodeStore ¶
WithCodeStore changes the default code store for the server
func WithSessionStore ¶
func WithSessionStore(c oauth.SessionStore) Option
WithSessionStore changes the default session store for the server
type PasswordCreateParams ¶
type PasswordCreateParams struct { Login *string `json:"login,omitempty"` Notify oauth.NotificationChannels `json:"notify"` Type PasswordType `json:"type"` RequestToken *string `json:"request_token,omitempty"` AppURI *oauth.URI `json:"app_uri,omitempty"` RedirectURI *oauth.URI `json:"redirect_uri,omitempty"` CodeVerifier *string `json:"code_verifier,omitempty"` }
PasswordCreateParams is the input to the password get route
func (PasswordCreateParams) Validate ¶
func (p PasswordCreateParams) Validate() error
Validate validates PasswordGetInput
type PasswordType ¶
type PasswordType string
PasswordType defines a password type
const ( // PasswordTypeLink is a magic password link PasswordTypeLink PasswordType = "link" // PasswordTypeCode is a one-time use password code PasswordTypeCode PasswordType = "code" // PasswordTypeReset sends both a link with the password scope and a code PasswordTypeReset PasswordType = "reset" )
func (PasswordType) Validate ¶
func (p PasswordType) Validate() error
Validate validates the PasswordType
type PasswordUpdateParams ¶
type PasswordUpdateParams struct { Password string `json:"password"` ResetCode string `json:"reset_code"` RedirectURI *oauth.URI `json:"redirect_uri"` }
PasswordUpdateParams are used by the password update route
func (PasswordUpdateParams) Validate ¶
func (p PasswordUpdateParams) Validate() error
Validate validates PasswordGetInput
type RedirectError ¶ added in v0.1.17
RedirectError defines a redirect error handler
type Server ¶
Server is an API server it can be used standalone vi Server() or integrared via Handler()
func New ¶
func New(ctrl oauth.Controller, opts ...interface{}) *Server
New returns a new Server instance
func (*Server) Sessions ¶
func (s *Server) Sessions() oauth.SessionStore
Sessions returns the sessions
type SessionParams ¶
type SessionParams struct { RequestToken string `json:"request_token"` AuthCode bool `json:"auth_code"` RedirectURI *oauth.URI `json:"redirect_uri"` State *string `json:"state,omitempty"` }
SessionParams is the session request parameters
type SignupParams ¶
type SignupParams struct { Email *string `json:"email,omitempty"` InviteCode *string `json:"invite_code"` Login string `json:"login"` Name *string `json:"name"` Password *string `json:"password"` RequestToken string `json:"request_token"` }
SignupParams contains all the bound params for the signup operation
func (SignupParams) Validate ¶
func (p SignupParams) Validate() error
Validate validates SignupParams
type TokenParams ¶
type TokenParams struct { Audience *string `json:"audience,omitempty"` ClientID *string `json:"client_id"` ClientSecret *string `json:"client_secret,omitempty"` Code *string `json:"code,omitempty"` CodeVerifier *string `json:"code_verifier"` GrantType string `json:"grant_type"` Password *string `json:"password,omitempty"` RefreshNonce *string `json:"refresh_nonce,omitempty"` RefreshToken *string `json:"refresh_token,omitempty"` RefreshVerifier *string `json:"refresh_verifier,omitempty"` Scope []string `json:"scope,omitempty"` Username *string `json:"username,omitempty"` }
TokenParams contains all the bound params for the token operation
type UserInfoUpdateParams ¶
UserInfoUpdateParams contains all the bound params for the user info update operation
type VerifyParams ¶
type VerifyParams struct {
RedirectURI string `json:"redirect_uri"`
}
VerifyParams contains the email verify params
func (VerifyParams) Validate ¶
func (p VerifyParams) Validate() error
Validate validates UserEmailVerifyParams
type VerifySendParams ¶
type VerifySendParams struct { Method oauth.NotificationChannel `json:"method"` Signup bool `json:"-"` }
VerifySendParams are the params for the verification send method