Documentation ¶
Index ¶
- Constants
- func IdTokenSource(tokenConfig *IdTokenConfig) (oauth2.TokenSource, error)
- func NewIDTokenRPCCredential(ctx context.Context, tokenSource oauth2.TokenSource) (credentials.PerRPCCredentials, error)
- func VerifyGoogleIDToken(ctx context.Context, token string, aud string) (*oidc.IDToken, error)
- type GCEExtension
- type IAMExtension
- type IdTokenConfig
- type TokenSource
Constants ¶
const (
GCEFullFormat = "full"
)
Variables ¶
This section is empty.
Functions ¶
func IdTokenSource ¶
func IdTokenSource(tokenConfig *IdTokenConfig) (oauth2.TokenSource, error)
IdTokenSource returns a TokenSource which returns a Google OIDC token.
tokenConfig (IdTokenConfig): The root Credential object which will be used to generate the IDToken.
https://medium.com/google-cloud/authenticating-using-google-openid-connect-tokens-e7675051213b
func NewIDTokenRPCCredential ¶
func NewIDTokenRPCCredential(ctx context.Context, tokenSource oauth2.TokenSource) (credentials.PerRPCCredentials, error)
NewIDTokenRPCCredential returns a credential object for use with gRPC clients.
func VerifyGoogleIDToken ¶
VerifyGoogleIDToken verifies the IdToken for expiration, signature against Google's certificates,
and the audience it should be issued to. Returns false if unverified. TODO: return struct to allow inspection of the actual claims, not just true/false of the signature+expiration+audience.
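The three checks named above (signature, expiration, audience), shown as an added example that is not this package's code. It goes beyond the page by verifying an RS256 token against a locally generated key instead of Google's certificates; `verify`, `demoKey` and the `https://svc.example` audience are assumptions made for the illustration.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

var b64 = base64.RawURLEncoding
var demoKey, _ = rsa.GenerateKey(rand.Reader, 2048) // constructed throwaway key

// verify pins RS256 (the header "alg" is ignored) and checks the signature before any claim.
func verify(token string, pub *rsa.PublicKey, aud string, now int64) error {
	p := strings.Split(token, ".")
	if len(p) != 3 {
		return fmt.Errorf("malformed token")
	}
	sig, sigErr := b64.DecodeString(p[2])
	raw, rawErr := b64.DecodeString(p[1])
	h := sha256.Sum256([]byte(p[0] + "." + p[1]))
	var c struct {
		Aud string `json:"aud"` // assumed to be a single string
		Exp int64  `json:"exp"` // Unix seconds, like now
	}
	switch {
	case sigErr != nil || rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], sig) != nil:
		return fmt.Errorf("bad signature")
	case rawErr != nil || json.Unmarshal(raw, &c) != nil:
		return fmt.Errorf("bad payload")
	case now >= c.Exp: // a missing exp decodes as 0 and is rejected here
		return fmt.Errorf("token expired")
	case c.Aud != aud:
		return fmt.Errorf("audience mismatch")
	}
	return nil
}

func main() {
	in := b64.EncodeToString([]byte(`{"alg":"RS256"}`)) + "." + // constructed token
		b64.EncodeToString([]byte(`{"aud":"https://svc.example","exp":1700003600}`))
	h := sha256.Sum256([]byte(in))
	sig, _ := rsa.SignPKCS1v15(rand.Reader, demoKey, crypto.SHA256, h[:])
	tok := in + "." + b64.EncodeToString(sig)
	fmt.Println(verify(tok, &demoKey.PublicKey, "https://other.example", 1700000000))
}
```

A token that is valid for one service is rejected by another because the audience is compared only after the signature and expiry have passed.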
Types ¶
type GCEExtension ¶
type IAMExtension ¶
type IAMExtension struct {
IncludeEmail bool
}
type IdTokenConfig ¶
type IdTokenConfig struct {
Credentials *google.Credentials
Audiences []string
GCEExtension GCEExtension
IAMExtension IAMExtension
}
IdTokenConfig holds the parameters used to initialize IdTokenSource.
The Audiences and Credentials fields are both required.
type TokenSource ¶
type TokenSource struct {
oauth2.TokenSource
}
TokenSource here is used to initialize gRPC Credentials.
func (TokenSource) GetRequestMetadata ¶
func (ts TokenSource) GetRequestMetadata(ctx context.Context, uri ...string) (map[string]string, error)
GetRequestMetadata gets the request metadata as a map from a TokenSource.
func (TokenSource) RequireTransportSecurity ¶
func (ts TokenSource) RequireTransportSecurity() bool
RequireTransportSecurity indicates whether the credentials require transport security.