authapi

package
v0.386.0-next.2

This package is not in the latest version of its module.

Published: Apr 29, 2024 License: AGPL-3.0 Imports: 25 Imported by: 0

Documentation

Constants

const (
	// The request is missing a required parameter, includes an
	// invalid parameter value, includes a parameter more than
	// once, or is otherwise malformed.
	AuthorizationErrInvalidRequest = "invalid_request"
	// The client is not authorized to request an authorization
	// code using this method.
	AuthorizationErrUnauthorizedClient = "unauthorized_client"
	// The resource owner or authorization server denied the
	// request.
	AuthorizationErrAccessDenied = "access_denied"
	// The authorization server encountered an unexpected
	// condition that prevented it from fulfilling the request.
	// (This error code is needed because a 500 Internal Server
	// Error HTTP status code cannot be returned to the client
	// via an HTTP redirect.)
	AuthorizationErrServerError = "server_error"
)

Error response types for the authorization endpoint: https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1

const (
	ArgGrantType          = "grant_type"
	ArgSubjectToken       = "subject_token"
	ArgSubjectTokenType   = "subject_token_type"
	ArgRequestedTokenType = "requested_token_type"
	ArgCode               = "code"
	ArgRefreshToken       = "refresh_token"
	ArgToken              = "token"
	ArgUsername           = "username"
	ArgPassword           = "password"
	ArgCreateIfNotExists  = "create_if_not_exists"
)

https://datatracker.ietf.org/doc/html/rfc6749#section-5.2 https://datatracker.ietf.org/doc/html/rfc7009#section-2.1

const (
	TokenErrUnsupportedGrantType = "unsupported_grant_type"
	TokenErrInvalidClient        = "invalid_client"
	TokenErrInvalidRequest       = "invalid_request"
)

https://datatracker.ietf.org/doc/html/rfc6749#section-5.2

const (
	GrantTypeImplicit          = "implicit"
	GrantTypePassword          = "password"
	GrantTypeClientCredentials = "client_credentials"
	GrantTypeAuthCode          = "authorization_code"
	GrantTypeRefreshToken      = "refresh_token"
	GrantTypeTokenExchange     = "token_exchange"
)

const (
	TokenType = "bearer"
)

Variables

This section is empty.

Functions

func AuthorizeHandler added in v0.373.0

func AuthorizeHandler(schema *proto.Schema) common.HandlerFunc

AuthorizeHandler is a redirection endpoint that redirects to the provider's sign-in/auth page.

func CallbackHandler added in v0.373.0

func CallbackHandler(schema *proto.Schema) common.HandlerFunc

CallbackHandler is called by the provider after the authentication process is complete.

If there is something wrong with the syntax of the request, such as an invalid redirect_uri or client_id, it is important not to redirect the user; show the error message directly instead. This avoids letting the authorization server be used as an open redirector.
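The rule in the CallbackHandler note above, as an added example (not the authapi package's own code): an authorization error is delivered by redirect only after client_id and redirect_uri have been verified, and is rendered directly otherwise. The helper `failAuthorization`, the `registered` map, the `/authorize` path and the example hosts are hypothetical.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
)

// Constructed sample registry: client_id -> exact redirect URIs registered for it.
var registered = map[string][]string{
	"client-123": {"https://app.example.com/callback"},
}

// failAuthorization (hypothetical helper) reports an authorization error.
// It redirects only when client_id is known and redirect_uri exactly matches
// a registered value; otherwise the error is rendered directly, with no redirect.
func failAuthorization(w http.ResponseWriter, r *http.Request, code string) {
	q := r.URL.Query()
	redirectURI, verified := q.Get("redirect_uri"), false
	for _, u := range registered[q.Get("client_id")] {
		verified = verified || u == redirectURI // exact match, no prefix matching
	}
	target, err := url.Parse(redirectURI)
	if !verified || err != nil {
		http.Error(w, "invalid_request: unknown client_id or redirect_uri", http.StatusBadRequest)
		return
	}
	params := target.Query()
	params.Set("error", code) // e.g. "access_denied" (RFC 6749 section 4.1.2.1)
	if s := q.Get("state"); s != "" {
		params.Set("state", s) // echo state so the client can correlate the response
	}
	target.RawQuery = params.Encode()
	http.Redirect(w, r, target.String(), http.StatusFound)
}

// simulate returns the status and Location header for a constructed query string.
func simulate(rawQuery string) (int, string) {
	req := httptest.NewRequest(http.MethodGet, "/authorize?"+rawQuery, nil)
	rec := httptest.NewRecorder()
	failAuthorization(rec, req, "access_denied")
	return rec.Code, rec.Header().Get("Location")
}

func main() {
	fmt.Println(simulate("client_id=client-123&redirect_uri=https%3A%2F%2Fapp.example.com%2Fcallback&state=xyz"))
	fmt.Println(simulate("client_id=client-123&redirect_uri=https%3A%2F%2Fother.example.net%2F"))
}
```

The first call is redirected to the registered callback with `error` and `state` in the query; the second gets a plain 400 and no `Location` header.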

func GetClientSecret added in v0.373.0

func GetClientSecret(ctx context.Context, provider *config.Provider) (string, bool)

func OAuthOpenApiSchema added in v0.380.0

func OAuthOpenApiSchema() common.HandlerFunc

func ProvidersHandler added in v0.373.0

func ProvidersHandler(schema *proto.Schema) common.HandlerFunc

func RevokeHandler

func RevokeHandler(schema *proto.Schema) common.HandlerFunc

func TokenEndpointHandler

func TokenEndpointHandler(schema *proto.Schema) common.HandlerFunc

TokenEndpointHandler handles requests to the token endpoint for the various grant types we support.
OAuth2.0 specification: https://datatracker.ietf.org/doc/html/rfc6749#section-3.2
OpenID Connect specification for Token Endpoint: https://openid.net/specs/openid-connect-standard-1_0-21_orig.html#token_ep

Types

type ErrorResponse

type ErrorResponse struct {
	Error            string `json:"error,omitempty"`
	ErrorDescription string `json:"error_description,omitempty"`
}

https://openid.net/specs/openid-connect-standard-1_0-21_orig.html#AccessTokenErrorResponse https://datatracker.ietf.org/doc/html/rfc7009#section-2.2

type ProviderResponse added in v0.373.0

type ProviderResponse struct {
	Name         string `json:"name"`
	Type         string `json:"type"`
	AuthorizeUrl string `json:"authorizeUrl"`
	CallbackUrl  string `json:"callbackUrl"`
}

type RevokeEndpointErrorResponse

type RevokeEndpointErrorResponse struct {
	Error            string `json:"error,omitempty"`
	ErrorDescription string `json:"error_description,omitempty"`
}

type TokenResponse

type TokenResponse struct {
	AccessToken  string `json:"access_token"`
	TokenType    string `json:"token_type"`
	ExpiresIn    int    `json:"expires_in"`
	RefreshToken string `json:"refresh_token,omitempty"`
	Created      bool   `json:"identity_created"`
}

https://openid.net/specs/openid-connect-standard-1_0-21_orig.html#AccessTokenResponse
