Documentation ¶
Index ¶
- Constants
- Variables
- type AuthCodeExchangeOption
- type AuthCodeExchangeOptions
- type AuthCodeURLOption
- type AuthCodeURLOptions
- type ClientCredentialsOption
- type ClientCredentialsOptions
- type ConstantTimeoutAlgorithm
- type DeviceCodeAuthOption
- type DeviceCodeAuthOptions
- type DeviceCodeExchangeOption
- type DeviceCodeExchangeOptions
- type Endpoint
- type EndpointFactoryFunc
- type FactoryFunc
- type LogarithmicTimeoutAlgorithm
- type OptionError
- type PrivateOperations
- type Provider
- func AzureADFactory(ctx context.Context, vsn int, opts map[string]string) (Provider, error)
- func CustomFactory(ctx context.Context, vsn int, opts map[string]string) (Provider, error)
- func GoogleFactory(ctx context.Context, vsn int, opts map[string]string) (Provider, error)
- func OIDCFactory(ctx context.Context, vsn int, opts map[string]string) (Provider, error)
- type PublicOperations
- type RefreshTokenOption
- type RefreshTokenOptions
- type Registry
- func (r *Registry) MustRegister(name string, factory FactoryFunc)
- func (r *Registry) New(ctx context.Context, name string, opts map[string]string) (Provider, error)
- func (r *Registry) NewAt(ctx context.Context, name string, vsn int, opts map[string]string) (Provider, error)
- func (r *Registry) Register(name string, factory FactoryFunc) error
- type TimeToExpiryPiecewiseTimeoutAlgorithm
- type TimeToExpiryPiecewiseTimeoutMapping
- type TimeoutAlgorithm
- type TimeoutProvider
- type Token
- type WithProviderOptions
- func (wpo WithProviderOptions) ApplyToAuthCodeExchangeOptions(target *AuthCodeExchangeOptions)
- func (wpo WithProviderOptions) ApplyToAuthCodeURLOptions(target *AuthCodeURLOptions)
- func (wpo WithProviderOptions) ApplyToClientCredentialsOptions(target *ClientCredentialsOptions)
- func (wpo WithProviderOptions) ApplyToDeviceCodeAuthOptions(target *DeviceCodeAuthOptions)
- func (wpo WithProviderOptions) ApplyToDeviceCodeExchangeOptions(target *DeviceCodeExchangeOptions)
- func (wpo WithProviderOptions) ApplyToRefreshTokenOptions(target *RefreshTokenOptions)
- type WithRedirectURL
- type WithScopes
- type WithURLParams
Constants ¶
const VersionLatest = -1
Variables ¶
var ( ErrNoSuchProvider = errors.New("no provider with the given name") ErrNoProviderWithVersion = errors.New("version not supported") ErrNoOptions = errors.New("options provided but none accepted") ErrMissingClientSecret = errors.New("missing client secret in configuration") )
var ( ErrOIDCMissingIDToken = errors.New("oidc: missing ID token in response") ErrOIDCNonceMismatch = errors.New("oidc: nonce does not match") )
var GlobalRegistry = NewRegistry()
Functions ¶
This section is empty.
Types ¶
type AuthCodeExchangeOption ¶
type AuthCodeExchangeOption interface {
ApplyToAuthCodeExchangeOptions(target *AuthCodeExchangeOptions)
}
type AuthCodeExchangeOptions ¶
type AuthCodeExchangeOptions struct { RedirectURL string AuthCodeOptions []oauth2.AuthCodeOption ProviderOptions map[string]string }
AuthCodeExchangeOptions are options for the AuthCodeExchange operation.
func (*AuthCodeExchangeOptions) ApplyOptions ¶
func (o *AuthCodeExchangeOptions) ApplyOptions(opts []AuthCodeExchangeOption)
type AuthCodeURLOption ¶
type AuthCodeURLOption interface {
ApplyToAuthCodeURLOptions(target *AuthCodeURLOptions)
}
type AuthCodeURLOptions ¶
type AuthCodeURLOptions struct { RedirectURL string Scopes []string AuthCodeOptions []oauth2.AuthCodeOption ProviderOptions map[string]string }
AuthCodeURLOptions are options for the AuthCodeURL operation.
func (*AuthCodeURLOptions) ApplyOptions ¶
func (o *AuthCodeURLOptions) ApplyOptions(opts []AuthCodeURLOption)
type ClientCredentialsOption ¶
type ClientCredentialsOption interface {
ApplyToClientCredentialsOptions(target *ClientCredentialsOptions)
}
type ClientCredentialsOptions ¶
type ClientCredentialsOptions struct { Scopes []string EndpointParams url.Values ProviderOptions map[string]string }
ClientCredentialsOptions are options for the ClientCredentials operation.
func (*ClientCredentialsOptions) ApplyOptions ¶
func (o *ClientCredentialsOptions) ApplyOptions(opts []ClientCredentialsOption)
type ConstantTimeoutAlgorithm ¶
type ConstantTimeoutAlgorithm struct {
// contains filtered or unexported fields
}
func NewConstantTimeoutAlgorithm ¶
func NewConstantTimeoutAlgorithm(timeout time.Duration) *ConstantTimeoutAlgorithm
type DeviceCodeAuthOption ¶
type DeviceCodeAuthOption interface {
ApplyToDeviceCodeAuthOptions(target *DeviceCodeAuthOptions)
}
type DeviceCodeAuthOptions ¶
DeviceCodeAuthOptions are options for the DeviceCodeAuth operation.
func (*DeviceCodeAuthOptions) ApplyOptions ¶
func (o *DeviceCodeAuthOptions) ApplyOptions(opts []DeviceCodeAuthOption)
type DeviceCodeExchangeOption ¶
type DeviceCodeExchangeOption interface {
ApplyToDeviceCodeExchangeOptions(target *DeviceCodeExchangeOptions)
}
type DeviceCodeExchangeOptions ¶
DeviceCodeExchangeOptions are options for the DeviceCodeExchange operation.
func (*DeviceCodeExchangeOptions) ApplyOptions ¶
func (o *DeviceCodeExchangeOptions) ApplyOptions(opts []DeviceCodeExchangeOption)
type Endpoint ¶
Endpoint is an extension of oauth2.Endpoint that also provides information about other URLs.
type EndpointFactoryFunc ¶
EndpointFactoryFunc returns an Endpoint given some provider configuration.
func StaticEndpointFactory ¶
func StaticEndpointFactory(endpoint Endpoint) EndpointFactoryFunc
StaticEndpointFactory returns an EndpointFactoryFunc for a static endpoint configuration that does not take provider options.
type FactoryFunc ¶
func BasicFactory ¶
func BasicFactory(endpoint Endpoint) FactoryFunc
type LogarithmicTimeoutAlgorithm ¶
type LogarithmicTimeoutAlgorithm struct {
// contains filtered or unexported fields
}
func NewLogarithmicTimeoutAlgorithm ¶
func NewLogarithmicTimeoutAlgorithm(expiryLeewayFactor float64, timeout, expiryDelta time.Duration) *LogarithmicTimeoutAlgorithm
type OptionError ¶
func (*OptionError) Error ¶
func (oe *OptionError) Error() string
func (*OptionError) Unwrap ¶
func (oe *OptionError) Unwrap() error
type PrivateOperations ¶
type PrivateOperations interface { PublicOperations // AuthCodeExchange performs an authorization code flow exchange request. AuthCodeExchange(ctx context.Context, code string, opts ...AuthCodeExchangeOption) (*Token, error) // ClientCredentials performs a client credentials flow request. ClientCredentials(ctx context.Context, opts ...ClientCredentialsOption) (*Token, error) }
PrivateOperations defines the operations for a client that require knowledge of the client ID and client secret.
type Provider ¶
type Provider interface { // Version is the revision of this provider vis-a-vis the options it // supports. Version() int // Public returns a view of the operations for this provider for the given // client ID. Public(clientID string) PublicOperations // Private returns a complete set of the operations for this provider for // the given client ID and client secret. Private(clientID, clientSecret string) PrivateOperations }
Provider represents an integration with a particular OAuth provider using the authorization code grant.
func AzureADFactory ¶
func CustomFactory ¶
func GoogleFactory ¶
type PublicOperations ¶
type PublicOperations interface { // AuthCodeURL returns a URL to send a user to for initial authentication. // // If this provider does not define an authorization code endpoint URL, this // method returns false. AuthCodeURL(state string, opts ...AuthCodeURLOption) (string, bool) // DeviceCodeAuth performs the RFC 8628 device code authorization operation. // // If this provider does not support device code authorization, this method // returns false. DeviceCodeAuth(ctx context.Context, opts ...DeviceCodeAuthOption) (*devicecode.Auth, bool, error) // DeviceCodeExchange performs the RFC 8628 device code exchange operation // once, without polling. DeviceCodeExchange(ctx context.Context, deviceCode string, opts ...DeviceCodeExchangeOption) (*Token, error) // RefreshToken performs a refresh token flow request. // // This method does not check the expiration of the token. It forces a // refresh when invoked. // // Depending on the source of the token, this method may require the client // secret. However, for implicit and device code grants, it only requires // the client ID. RefreshToken(ctx context.Context, t *Token, opts ...RefreshTokenOption) (*Token, error) }
PublicOperations defines the operations for a client that only require knowledge of the client ID.
type RefreshTokenOption ¶
type RefreshTokenOption interface {
ApplyToRefreshTokenOptions(target *RefreshTokenOptions)
}
type RefreshTokenOptions ¶
RefreshTokenOptions are options for the RefreshToken operation.
func (*RefreshTokenOptions) ApplyOptions ¶
func (o *RefreshTokenOptions) ApplyOptions(opts []RefreshTokenOption)
type Registry ¶
type Registry struct {
// contains filtered or unexported fields
}
func NewRegistry ¶
func NewRegistry() *Registry
func (*Registry) MustRegister ¶
func (r *Registry) MustRegister(name string, factory FactoryFunc)
func (*Registry) New ¶
New looks up a provider with the given name and configures it according to the specified options.
type TimeToExpiryPiecewiseTimeoutAlgorithm ¶
type TimeToExpiryPiecewiseTimeoutAlgorithm struct {
// contains filtered or unexported fields
}
func NewTimeToExpiryPiecewiseTimeoutAlgorithm ¶
func NewTimeToExpiryPiecewiseTimeoutAlgorithm(mappings []TimeToExpiryPiecewiseTimeoutMapping) *TimeToExpiryPiecewiseTimeoutAlgorithm
type TimeToExpiryPiecewiseTimeoutMapping ¶
type TimeToExpiryPiecewiseTimeoutMapping struct { Test func(d time.Duration, ok bool) bool Algorithm TimeoutAlgorithm }
type TimeoutAlgorithm ¶
func NewBoundedLogarithmicTimeoutAlgorithm ¶
func NewBoundedLogarithmicTimeoutAlgorithm(expiryLeewayFactor float64, timeout, expiryDelta time.Duration) TimeoutAlgorithm
type TimeoutProvider ¶
type TimeoutProvider struct {
// contains filtered or unexported fields
}
func NewTimeoutProvider ¶
func NewTimeoutProvider(delegate Provider, alg TimeoutAlgorithm) *TimeoutProvider
func (*TimeoutProvider) Private ¶
func (tp *TimeoutProvider) Private(clientID, clientSecret string) PrivateOperations
func (*TimeoutProvider) Public ¶
func (tp *TimeoutProvider) Public(clientID string) PublicOperations
func (*TimeoutProvider) Version ¶
func (tp *TimeoutProvider) Version() int
type Token ¶
type Token struct { *oauth2.Token `json:",inline"` ExtraData map[string]interface{} `json:"extra_data,omitempty"` // ProviderVersion is the version of the provider that last updated this // token. It can be used to upgrade the provider options before handing off // to methods that expect versions to be synchronized with the plugin // provider version. // // May be unspecified. If not specified, provider options must be treated as // opaque data. ProviderVersion int `json:"provider_version,omitempty"` // ProviderOptions are the set of persistent options to use for this token // when configuring a provider. ProviderOptions map[string]string `json:"provider_options,omitempty"` }
Token is an extension of *oauth2.Token that also provides complementary data to store (usually from the token's own raw data).
type WithProviderOptions ¶
func (WithProviderOptions) ApplyToAuthCodeExchangeOptions ¶
func (wpo WithProviderOptions) ApplyToAuthCodeExchangeOptions(target *AuthCodeExchangeOptions)
func (WithProviderOptions) ApplyToAuthCodeURLOptions ¶
func (wpo WithProviderOptions) ApplyToAuthCodeURLOptions(target *AuthCodeURLOptions)
func (WithProviderOptions) ApplyToClientCredentialsOptions ¶
func (wpo WithProviderOptions) ApplyToClientCredentialsOptions(target *ClientCredentialsOptions)
func (WithProviderOptions) ApplyToDeviceCodeAuthOptions ¶
func (wpo WithProviderOptions) ApplyToDeviceCodeAuthOptions(target *DeviceCodeAuthOptions)
func (WithProviderOptions) ApplyToDeviceCodeExchangeOptions ¶
func (wpo WithProviderOptions) ApplyToDeviceCodeExchangeOptions(target *DeviceCodeExchangeOptions)
func (WithProviderOptions) ApplyToRefreshTokenOptions ¶
func (wpo WithProviderOptions) ApplyToRefreshTokenOptions(target *RefreshTokenOptions)
type WithRedirectURL ¶
type WithRedirectURL string
func (WithRedirectURL) ApplyToAuthCodeExchangeOptions ¶
func (wru WithRedirectURL) ApplyToAuthCodeExchangeOptions(target *AuthCodeExchangeOptions)
func (WithRedirectURL) ApplyToAuthCodeURLOptions ¶
func (wru WithRedirectURL) ApplyToAuthCodeURLOptions(target *AuthCodeURLOptions)
type WithScopes ¶
type WithScopes []string
func (WithScopes) ApplyToAuthCodeURLOptions ¶
func (ws WithScopes) ApplyToAuthCodeURLOptions(target *AuthCodeURLOptions)
func (WithScopes) ApplyToClientCredentialsOptions ¶
func (ws WithScopes) ApplyToClientCredentialsOptions(target *ClientCredentialsOptions)
func (WithScopes) ApplyToDeviceCodeAuthOptions ¶
func (ws WithScopes) ApplyToDeviceCodeAuthOptions(target *DeviceCodeAuthOptions)
type WithURLParams ¶
func (WithURLParams) ApplyToAuthCodeExchangeOptions ¶
func (wup WithURLParams) ApplyToAuthCodeExchangeOptions(target *AuthCodeExchangeOptions)
func (WithURLParams) ApplyToAuthCodeURLOptions ¶
func (wup WithURLParams) ApplyToAuthCodeURLOptions(target *AuthCodeURLOptions)
func (WithURLParams) ApplyToClientCredentialsOptions ¶
func (wup WithURLParams) ApplyToClientCredentialsOptions(target *ClientCredentialsOptions)