Documentation ¶
Index ¶
- Variables
- type AuthenticationOAuth2ClientCredentialsRequest
- type AuthenticationOAuth2IntrospectionRequest
- type Authenticator
- type DefaultSession
- type IntrospectionResponse
- type OAuth2ClientCredentialsAuthentication
- type OAuth2ClientCredentialsSession
- type OAuth2IntrospectionAuthentication
- type OAuth2Session
- type PlaintextAuthentication
- type Session
Constants ¶
This section is empty.
Variables ¶
View Source
http.StatusUnauthorized, ErrorField: "The provided credentials are invalid, expired, or are not authorized to use the requested scope", }CodeField:
Functions ¶
This section is empty.
Types ¶
type AuthenticationOAuth2ClientCredentialsRequest ¶
type AuthenticationOAuth2ClientCredentialsRequest struct { // Token is the token to introspect. ClientID string `json:"client_id"` ClientSecret string `json:"client_secret"` // Scope is an array of scopes that are required. Scopes []string `json:"scope"` }
swagger:model AuthenticationOAuth2ClientCredentialsRequest
type AuthenticationOAuth2IntrospectionRequest ¶
type AuthenticationOAuth2IntrospectionRequest struct { // Token is the token to introspect. Token string `json:"token"` // Scope is an array of scopes that are required. Scope []string `json:"scope"` }
swagger:model AuthenticationOAuth2IntrospectionRequest
type Authenticator ¶
type DefaultSession ¶
type DefaultSession struct { // Subject is the identity that authorized issuing the token, for example a user or an OAuth2 app. // This is usually a uuid but you can choose a urn or some other id too. Subject string `json:"sub"` // Allowed is true if the request is allowed and false otherwise. Allowed bool `json:"allowed"` }
swagger:model authenticationDefaultSession
func (*DefaultSession) DenyAccess ¶
func (s *DefaultSession) DenyAccess()
func (*DefaultSession) GetSubject ¶
func (s *DefaultSession) GetSubject() string
func (*DefaultSession) GrantAccess ¶
func (s *DefaultSession) GrantAccess()
type IntrospectionResponse ¶
type IntrospectionResponse struct { Active bool `json:"active"` Scope string `json:"scope,omitempty"` ClientID string `json:"client_id,omitempty"` // Here, it's sub Subject string `json:"sub,omitempty"` ExpiresAt int64 `json:"exp,omitempty"` IssuedAt int64 `json:"iat,omitempty"` NotBefore int64 `json:"nbf,omitempty"` Username string `json:"username,omitempty"` Audience []string `json:"aud,omitempty"` Issuer string `json:"iss,omitempty"` TokenType string `json:"token_type,omitempty"` // Session represents arbitrary session data. Extra map[string]interface{} `json:"ext"` }
type OAuth2ClientCredentialsAuthentication ¶
type OAuth2ClientCredentialsAuthentication struct {
// contains filtered or unexported fields
}
func NewOAuth2ClientCredentialsAuthentication ¶
func NewOAuth2ClientCredentialsAuthentication(tokenURL string) *OAuth2ClientCredentialsAuthentication
func (*OAuth2ClientCredentialsAuthentication) Authenticate ¶
func (a *OAuth2ClientCredentialsAuthentication) Authenticate(r *http.Request) (Session, error)
type OAuth2ClientCredentialsSession ¶
type OAuth2ClientCredentialsSession struct { // Here, it's subject *DefaultSession }
swagger:model authenticationOAuth2ClientCredentialsSession
func NewOAuth2ClientCredentialsSession ¶
func NewOAuth2ClientCredentialsSession() *OAuth2ClientCredentialsSession
type OAuth2IntrospectionAuthentication ¶
type OAuth2IntrospectionAuthentication struct {
// contains filtered or unexported fields
}
func NewOAuth2IntrospectionAuthentication ¶
func NewOAuth2IntrospectionAuthentication(clientID, clientSecret, tokenURL, introspectionURL string, scopes []string, strategy fosite.ScopeStrategy) *OAuth2IntrospectionAuthentication
func (*OAuth2IntrospectionAuthentication) Authenticate ¶
func (a *OAuth2IntrospectionAuthentication) Authenticate(r *http.Request) (Session, error)
func (*OAuth2IntrospectionAuthentication) Introspect ¶
func (a *OAuth2IntrospectionAuthentication) Introspect(token string, scopes []string, strategy fosite.ScopeStrategy) (*IntrospectionResponse, error)
type OAuth2Session ¶
type OAuth2Session struct { // Subject is the identity that authorized issuing the token, for example a user or an OAuth2 app. // This is usually a uuid but you can choose a urn or some other id too. Subject string `json:"sub"` // Allowed is true if the request is allowed and false otherwise. Allowed bool `json:"allowed"` // GrantedScopes is a list of scopes that the subject authorized when asked for consent. GrantedScopes string `json:"scope"` // Issuer is the id of the issuer, typically an hydra instance. Issuer string `json:"iss"` // ClientID is the id of the OAuth2 client that requested the token. ClientID string `json:"client_id"` // IssuedAt is the token creation time stamp. IssuedAt time.Time `json:"iat"` // ExpiresAt is the expiry timestamp. ExpiresAt time.Time `json:"exp"` NotBefore time.Time `json:"nbf,omitempty"` Username string `json:"username,omitempty"` Audience []string `json:"aud,omitempty"` // Session represents arbitrary session data. Extra map[string]interface{} `json:"session,omitempty"` }
swagger:model authenticationOAuth2Session
func (*OAuth2Session) DenyAccess ¶
func (s *OAuth2Session) DenyAccess()
func (*OAuth2Session) GetSubject ¶
func (s *OAuth2Session) GetSubject() string
func (*OAuth2Session) GrantAccess ¶
func (s *OAuth2Session) GrantAccess()
type PlaintextAuthentication ¶
type PlaintextAuthentication struct {
// contains filtered or unexported fields
}
func NewPlaintextAuthentication ¶
func NewPlaintextAuthentication() *PlaintextAuthentication
func (*PlaintextAuthentication) Authenticate ¶
func (a *PlaintextAuthentication) Authenticate(r *http.Request) (Session, error)
Click to show internal directories.
Click to hide internal directories.