deviceflow

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 7, 2024 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Config

type Config struct {
	TokenRefreshGracePeriod config.Duration `json:"refreshTime" pflag:",grace period from the token expiry after which it would refresh the token."`
	Timeout                 config.Duration `json:"timeout" pflag:",amount of time the device flow should complete or else it will be cancelled."`
	PollInterval            config.Duration `` /* 182-byte string literal not displayed */
}

Config defines settings used for Device orchestration flow.

type DeviceAccessTokenRequest

type DeviceAccessTokenRequest struct {
	// ClientID is the client identifier issued to the client during the registration process of OAuth app with the authorization server
	ClientID string `json:"client_id"`
	// DeviceCode unique device code generated by the authorization server.
	DeviceCode string `json:"device_code"`
	//  Value MUST be set to "urn:ietf:params:oauth:grant-type:device_code"
	GrantType string `json:"grant_type"`
}

type DeviceAccessTokenResponse

type DeviceAccessTokenResponse struct {
	oauth2.Token
	Error string `json:"error"`
}

type DeviceAuthorizationRequest

type DeviceAuthorizationRequest struct {
	// ClientID is the client identifier issued to the client during the registration process of OAuth app with the authorization server
	ClientID string `json:"client_id"`
	// Scope is the scope parameter of the access request
	Scope string `json:"scope"`
	// Audience defines at which endpoints the token can be used.
	Audience string `json:"audience"`
}

DeviceAuthorizationRequest sent to authorization server directly from the client app

type DeviceAuthorizationResponse

type DeviceAuthorizationResponse struct {
	// DeviceCode unique device code generated by the authorization server.
	DeviceCode string `json:"device_code"`
	// UserCode unique code generated for the user to enter on another device
	UserCode string `json:"user_code"`
	// VerificationURI url endpoint of the authorization server which host the device and app verification
	VerificationURI string `json:"verification_uri"`
	// VerificationURIComplete url endpoint of the authorization server which host the device and app verification along with user code
	VerificationURIComplete string `json:"verification_uri_complete"`
	// ExpiresIn  lifetime in seconds of the "device_code" and "user_code"
	ExpiresIn int64 `json:"expires_in"`
	// Interval minimum amount of time in secs the client app should wait between polling requests to the token endpoint.
	Interval int64 `json:"interval"`
}

DeviceAuthorizationResponse contains the information that the end user would use to authorize the app requesting the resource access.

type OAuthTokenOrError

type OAuthTokenOrError struct {
	*oauth2.Token
	Error string `json:"error,omitempty"`
}

OAuthTokenOrError containing the token

type TokenOrchestrator

type TokenOrchestrator struct {
	Config Config
	tokenorchestrator.BaseTokenOrchestrator
}

TokenOrchestrator implements the main logic to initiate device authorization flow

func NewDeviceFlowTokenOrchestrator

func NewDeviceFlowTokenOrchestrator(baseOrchestrator tokenorchestrator.BaseTokenOrchestrator, cfg Config) (TokenOrchestrator, error)

NewDeviceFlowTokenOrchestrator creates a new TokenOrchestrator that implements the main logic to start device authorization flow and fetch device code and then poll on the token endpoint until the device authorization is approved/denied by the user

func (TokenOrchestrator) FetchTokenFromAuthFlow

func (t TokenOrchestrator) FetchTokenFromAuthFlow(ctx context.Context) (*oauth2.Token, error)

FetchTokenFromAuthFlow starts a webserver to listen to redirect callback from the authorization server at the end of the flow. It then launches the browser to authenticate the user.

func (TokenOrchestrator) PollTokenEndpoint

func (t TokenOrchestrator) PollTokenEndpoint(ctx context.Context, tokReq DeviceAccessTokenRequest, pollInterval time.Duration) (*oauth2.Token, error)

PollTokenEndpoint polls the token endpoint until the user authorizes/ denies the app or an error occurs other than slow_down or authorization_pending

func (TokenOrchestrator) StartDeviceAuthorization

StartDeviceAuthorization will initiate the OAuth2 device authorization flow.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL