common

package
v1.5.2
Published: Jan 14, 2025 License: Apache-2.0 Imports: 27 Imported by: 0

Documentation

Overview

Package common provides functionality needed by OAuth-based clients.

Constants

const (
	APITokenType   = "api-token"
	IDTokenType    = "id-token"
	ContextTimeout = 60 * time.Second

	ClaimsContext     = "context_name"
	ClaimsPermissions = "perms"
	ClaimsScopes      = "scope"
	ClaimsCspUserName = "username"
	ClaimsUaaUserName = "user_name"
)

Functions

func GetTLSConfig

func GetTLSConfig(endpoint, certData string, skipVerify bool) *tls.Config

func GetToken

func GetToken(g *types.GlobalServerAuth, tokenGetter func(refreshOrAPIToken, accessToken, issuer, tokenType string) (*Token, error), idpType config.IdpType) (*oauth2.Token, error)

GetToken fetches the token.

func IsExpired

func IsExpired(tokenExpiry time.Time) bool

IsExpired checks the token expiry and returns true if the token has expired, false otherwise.

Types

type Claims

type Claims struct {
	Username    string
	Permissions []string
	OrgID       string
	Raw         map[string]interface{}
}

Claims are the jwt claims.

func ParseToken

func ParseToken(tkn *oauth2.Token, idpType config.IdpType) (*Claims, error)

ParseToken parses the JWT payload and returns the decoded information.
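To show what decoding a JWT payload into the documented claim names involves, here is an added example; it is not this package's code. The type and function names are hypothetical, the mapping of "context_name" to OrgID is an assumption, and the token is constructed sample input with a dummy signature. The example performs no signature verification, so its output is only suitable for display, not for authorization decisions.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// payloadClaims uses claim names from this page's constants ("username",
// "perms", "context_name"); mapping context_name to OrgID is an assumption.
type payloadClaims struct {
	Username    string   `json:"username"`
	Permissions []string `json:"perms"`
	OrgID       string   `json:"context_name"`
	Exp         int64    `json:"exp"` // standard JWT expiry, seconds since epoch
}

// decodePayload base64url-decodes the middle segment of a compact JWT.
// It does NOT verify the signature: treat the result as untrusted display data.
func decodePayload(jwt string) (*payloadClaims, error) {
	parts := strings.Split(jwt, ".")
	if len(parts) != 3 {
		return nil, fmt.Errorf("want 3 dot-separated segments, got %d", len(parts))
	}
	body, err := base64.RawURLEncoding.DecodeString(parts[1])
	if err != nil {
		return nil, fmt.Errorf("payload is not unpadded base64url: %w", err)
	}
	c := &payloadClaims{}
	if err := json.Unmarshal(body, c); err != nil {
		return nil, fmt.Errorf("payload is not the expected JSON: %w", err)
	}
	return c, nil
}

// constructedJWT builds sample input; the signature segment is a dummy value.
func constructedJWT(payloadJSON string) string {
	enc := base64.RawURLEncoding.EncodeToString
	return enc([]byte(`{"alg":"RS256"}`)) + "." + enc([]byte(payloadJSON)) + ".c2ln"
}

func main() {
	tok := constructedJWT(`{"username":"alice","perms":["org:member"],"context_name":"org-1","exp":1736812800}`)
	c, err := decodePayload(tok)
	fmt.Println(c, err)
}
```

Because the dummy signature is never checked, any payload placed in the middle segment decodes successfully; a verifier with the issuer's keys is what makes claims trustworthy.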

type IssuerEndPoints

type IssuerEndPoints struct {
	AuthURL  string `json:"authURL" yaml:"authURL"`
	TokenURL string `json:"tokenURL" yaml:"tokenURL"`
}

type LoginOption

type LoginOption func(*TanzuLoginHandler) error

LoginOption is an optional configuration for Login().

func WithCertInfo

func WithCertInfo(tlsSkipVerify bool, caCertData string) LoginOption

WithCertInfo customizes cert verification information

func WithClientIDAndSecret added in v1.5.1

func WithClientIDAndSecret(clientID, clientSecret string) LoginOption

WithClientIDAndSecret specifies an OAuth Client ID and secret to use

func WithListenerPort

func WithListenerPort(port uint16) LoginOption

WithListenerPort specifies a TCP listener port on localhost, which will be used for the redirect_uri and to handle the authorization code callback. By default, a random high port will be chosen, which requires the authorization server to support wildcard port numbers as described by https://tools.ietf.org/html/rfc8252#section-7.3. Being able to designate the listener port might be advantageous under some circumstances (e.g. for determining what to port-forward from the host where the web browser is available).

func WithListenerPortFromEnv

func WithListenerPortFromEnv(envVarName string) LoginOption

WithListenerPortFromEnv sets the TCP listener port on localhost based on the value of the specified environment variable, which will be used for the redirect_uri and to handle the authorization code callback. By default, a random high port will be chosen, which requires the authorization server to support wildcard port numbers as described by https://tools.ietf.org/html/rfc8252#section-7.3. Being able to designate the listener port might be advantageous under some circumstances (e.g. for determining what to port-forward from the host where the web browser is available).
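The fixed-versus-random listener port behaviour described for WithListenerPort and WithListenerPortFromEnv, as an added example that is not this package's code. The function names, the environment variable name and the "/callback" path are hypothetical; the listener binds to 127.0.0.1 only, so the authorization code callback is not exposed on other interfaces.

```go
package main

import (
	"fmt"
	"net"
	"os"
	"strconv"
)

// portFromEnv reads a listener port from envVarName; unset or empty means 0
// (let the OS pick a random port). Values outside 1-65535 are rejected.
func portFromEnv(envVarName string) (uint16, error) {
	v := os.Getenv(envVarName)
	if v == "" {
		return 0, nil
	}
	p, err := strconv.ParseUint(v, 10, 16)
	if err != nil || p == 0 {
		return 0, fmt.Errorf("%s=%q is not a valid TCP port", envVarName, v)
	}
	return uint16(p), nil
}

// listenLoopback binds to 127.0.0.1 only and returns the redirect_uri that
// matches the port actually bound.
func listenLoopback(port uint16, callbackPath string) (net.Listener, string, error) {
	l, err := net.Listen("tcp4", net.JoinHostPort("127.0.0.1", strconv.Itoa(int(port))))
	if err != nil {
		return nil, "", fmt.Errorf("cannot bind loopback listener: %w", err)
	}
	actual := l.Addr().(*net.TCPAddr).Port // differs from port when port == 0
	return l, fmt.Sprintf("http://127.0.0.1:%d%s", actual, callbackPath), nil
}

func main() {
	port, err := portFromEnv("EXAMPLE_OAUTH_LISTEN_PORT") // hypothetical variable name
	if err != nil {
		fmt.Println(err)
		return
	}
	l, redirectURI, err := listenLoopback(port, "/callback")
	if err != nil {
		fmt.Println(err)
		return
	}
	defer l.Close()
	fmt.Println("redirect_uri:", redirectURI)
}
```

With a fixed port the redirect_uri can be registered exactly at the authorization server; with port 0 the server must accept any loopback port, per RFC 8252 section 7.3.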

func WithOrgID

func WithOrgID(orgID string) LoginOption

WithOrgID causes the login to target the given organization.

func WithRefreshToken

func WithRefreshToken(refreshToken string) LoginOption

WithRefreshToken causes the login to use a refresh token instead of interactive login. If the refresh token is expired or invalid, the interactive login will kick in.

func WithSuppressInteractive added in v1.5.1

func WithSuppressInteractive(suppress bool) LoginOption

WithSuppressInteractive specifies whether to fall back to interactive login if an access token cannot be obtained.

type TanzuLoginHandler

type TanzuLoginHandler struct {
	// contains filtered or unexported fields
}

func NewTanzuLoginHandler

func NewTanzuLoginHandler(issuer, issuerAuthURL, issuerTokenURL, clientID, clientSecret, listenAddr, callbackPath string, idpType config.IdpType, orgNameGetter func(orgID, accessToken, issuer string) (string, error), promptForValue func(ctx context.Context, promptLabel string, out io.Writer) (string, error), isTTYFn func(int) bool) *TanzuLoginHandler

func (*TanzuLoginHandler) DoLogin

func (h *TanzuLoginHandler) DoLogin() (*Token, error)

type Token

type Token struct {
	// IDToken from OIDC.
	IDToken string `json:"id_token"`

	// TokenType is the type of token.
	// Ex: id-token, api-token
	TokenType string `json:"token_type"`

	// ExpiresIn is expiration in seconds.
	ExpiresIn int64 `json:"expires_in"`

	// Scope of the token.
	// Ex: "openid offline_access username groups"
	Scope string `json:"scope"`

	// AccessToken.
	AccessToken string `json:"access_token"`

	// RefreshToken for use with Refresh Token grant.
	RefreshToken string `json:"refresh_token"`
}

Token is a useful struct for storing attributes of a context.
