Documentation
Overview
Package tokenexchange provides RFC 8693 OAuth 2.0 token exchange for obtaining tokens used for impersonation or delegation. See https://datatracker.ietf.org/doc/html/rfc8693
Constants
const (
	TokenTypeAccessToken     = TokenType("urn:ietf:params:oauth:token-type:access_token")
	TokenTypeRefreshToken    = TokenType("urn:ietf:params:oauth:token-type:refresh_token")
	TokenTypeIdentifierToken = TokenType("urn:ietf:params:oauth:token-type:id_token")
	TokenTypeSAML1           = TokenType("urn:ietf:params:oauth:token-type:saml1")
	TokenTypeSAML2           = TokenType("urn:ietf:params:oauth:token-type:saml2")
	TokenTypeJWT             = TokenType("urn:ietf:params:oauth:token-type:jwt")
)
Variables
This section is empty.
Functions
This section is empty.
Types
type Config
type Config struct {
	// TokenURL is the URL of the authorization server's token endpoint.
	TokenURL string
	// Resource is the optional URI indicating where the issued tokens will be used.
	Resource string
	// Audience is the optional URI identifying the logical service where the issued tokens will be used.
	Audience string
	// Scopes are optionally used to determine how the issued token can be used.
	Scopes []string
	// RequestedTokenType optionally specifies the type of token that should be issued.
	RequestedTokenType TokenType
	// Actor is used to identify the software acting on behalf of the subject.
	Actor ExchangeTokenSource
}
Config is used to hold the basic configuration information for facilitating token exchanges.
func (*Config) Exchange
func (c *Config) Exchange(ctx context.Context, subject *ExchangeToken) (*ExchangeToken, error)
Exchange exchanges a subject token for a new token.
func (*Config) TokenSource
func (c *Config) TokenSource(ctx context.Context, subject ExchangeTokenSource) ExchangeTokenSource
TokenSource returns a new token source for exchanging a source of subject tokens.
type ExchangeToken
ExchangeToken represents an exchanged token: either as input (as in a subject or actor) or as output (as in an issued token).
func (*ExchangeToken) Assertion
func (t *ExchangeToken) Assertion() ([]byte, error)
Assertion returns the SAML 1 or 2 assertion represented by this token.
func (*ExchangeToken) Valid
func (t *ExchangeToken) Valid() bool
Valid tests to see if this token meets the minimum requirements for being valid.
type ExchangeTokenSource
type ExchangeTokenSource interface {
	// Token returns an exchange token.
	Token() (*ExchangeToken, error)
}
ExchangeTokenSource is either something that can provide a token as input for an exchange, or something that can provide a token as output from an exchange.
func OAuth2ExchangeTokenSource
func OAuth2ExchangeTokenSource(src oauth2.TokenSource) ExchangeTokenSource
OAuth2ExchangeTokenSource returns a token source based on the assumption that the supplied OAuth2 token source is providing either access or refresh tokens.
func ReuseExchangeTokenSource
func ReuseExchangeTokenSource(t *ExchangeToken, src ExchangeTokenSource) ExchangeTokenSource
ReuseExchangeTokenSource returns a token source that uses the supplied token until it is no longer valid; then it sources a new token.
func StaticExchangeTokenSource
func StaticExchangeTokenSource(t *ExchangeToken) ExchangeTokenSource
StaticExchangeTokenSource returns a token source for a static token.
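The Config fields above correspond to the request parameters defined in RFC 8693 section 2.1. The following is an added example, not code from this package: it builds the form body of a token exchange request using only the standard library and rejects parameter combinations the RFC does not allow. The exchangeParams type, the buildForm function and all sample values are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// exchangeParams is a constructed stand-in mirroring the Config fields above.
type exchangeParams struct {
	Resource, Audience, RequestedTokenType string
	Scopes                                 []string
	SubjectToken, SubjectTokenType         string
	ActorToken, ActorTokenType             string
}

// buildForm maps the fields onto the RFC 8693 section 2.1 request parameters.
func buildForm(p exchangeParams) (url.Values, error) {
	if p.SubjectToken == "" || p.SubjectTokenType == "" {
		return nil, errors.New("subject_token and subject_token_type are required")
	}
	// actor_token_type is required with actor_token and must be absent without it.
	if (p.ActorToken == "") != (p.ActorTokenType == "") {
		return nil, errors.New("actor_token and actor_token_type must be set together")
	}
	v := url.Values{
		"grant_type":         {"urn:ietf:params:oauth:grant-type:token-exchange"},
		"subject_token":      {p.SubjectToken},
		"subject_token_type": {p.SubjectTokenType},
	}
	optional := map[string]string{
		"resource": p.Resource, "audience": p.Audience,
		"scope": strings.Join(p.Scopes, " "), "requested_token_type": p.RequestedTokenType,
		"actor_token": p.ActorToken, "actor_token_type": p.ActorTokenType,
	}
	for k, val := range optional {
		if val != "" { // omit unset optional parameters from the wire request
			v.Set(k, val)
		}
	}
	return v, nil
}

func main() {
	v, err := buildForm(exchangeParams{ // constructed sample values
		Audience: "https://api.example.com", Scopes: []string{"read", "write"},
		SubjectToken: "subject-token-placeholder", SubjectTokenType: "urn:ietf:params:oauth:token-type:access_token",
	})
	fmt.Println(v.Encode(), err)
}
```

Setting Audience or Resource and a narrow Scopes list keeps the issued token limited to the service that needs it, which matters most when the exchange is used for impersonation.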