oauth2

Documentation

Index

• Constants
• type ConsentStrategy
• type DefaultConsentStrategy
  • func (s *DefaultConsentStrategy) IssueChallenge(authorizeRequest fosite.AuthorizeRequester, redirectURL string) (string, error)
  • func (s *DefaultConsentStrategy) ValidateResponse(a fosite.AuthorizeRequester, token string) (claims *Session, err error)
• type FositeMemoryStore
  • func (s *FositeMemoryStore) CreateAccessTokenSession(_ context.Context, signature string, req fosite.Requester) error
  • func (s *FositeMemoryStore) CreateAuthorizeCodeSession(_ context.Context, code string, req fosite.Requester) error
  • func (s *FositeMemoryStore) CreateImplicitAccessTokenSession(ctx context.Context, code string, req fosite.Requester) error
  • func (s *FositeMemoryStore) CreateOpenIDConnectSession(_ context.Context, authorizeCode string, requester fosite.Requester) error
  • func (s *FositeMemoryStore) CreateRefreshTokenSession(_ context.Context, signature string, req fosite.Requester) error
  • func (s *FositeMemoryStore) DeleteAccessTokenSession(_ context.Context, signature string) error
  • func (s *FositeMemoryStore) DeleteAuthorizeCodeSession(_ context.Context, code string) error
  • func (s *FositeMemoryStore) DeleteOpenIDConnectSession(_ context.Context, authorizeCode string) error
  • func (s *FositeMemoryStore) DeleteRefreshTokenSession(_ context.Context, signature string) error
  • func (s *FositeMemoryStore) GetAccessTokenSession(_ context.Context, signature string, _ fosite.Session) (fosite.Requester, error)
  • func (s *FositeMemoryStore) GetAuthorizeCodeSession(_ context.Context, code string, _ fosite.Session) (fosite.Requester, error)
  • func (s *FositeMemoryStore) GetOpenIDConnectSession(_ context.Context, authorizeCode string, requester fosite.Requester) (fosite.Requester, error)
  • func (s *FositeMemoryStore) GetRefreshTokenSession(_ context.Context, signature string, _ fosite.Session) (fosite.Requester, error)
  • func (s *FositeMemoryStore) PersistAuthorizeCodeGrantSession(ctx context.Context, authorizeCode, accessSignature, refreshSignature string, ...) error
  • func (s *FositeMemoryStore) PersistRefreshTokenGrantSession(ctx context.Context, ...) error
  • func (s *FositeMemoryStore) RevokeAccessToken(ctx context.Context, id string) error
  • func (s *FositeMemoryStore) RevokeRefreshToken(ctx context.Context, id string) error
• type FositeRedisStore
  • func (s *FositeRedisStore) CreateAccessTokenSession(_ context.Context, signature string, req fosite.Requester) error
  • func (s *FositeRedisStore) CreateAuthorizeCodeSession(_ context.Context, code string, req fosite.Requester) error
  • func (s *FositeRedisStore) CreateImplicitAccessTokenSession(ctx context.Context, code string, req fosite.Requester) error
  • func (s *FositeRedisStore) CreateOpenIDConnectSession(_ context.Context, authorizeCode string, req fosite.Requester) error
  • func (s *FositeRedisStore) CreateRefreshTokenSession(_ context.Context, signature string, req fosite.Requester) error
  • func (s *FositeRedisStore) DeleteAccessTokenSession(_ context.Context, signature string) error
  • func (s *FositeRedisStore) DeleteAuthorizeCodeSession(_ context.Context, code string) error
  • func (s *FositeRedisStore) DeleteOpenIDConnectSession(_ context.Context, authorizeCode string) error
  • func (s *FositeRedisStore) DeleteRefreshTokenSession(_ context.Context, signature string) error
  • func (s *FositeRedisStore) GetAccessTokenSession(_ context.Context, signature string, sess fosite.Session) (fosite.Requester, error)
  • func (s *FositeRedisStore) GetAuthorizeCodeSession(_ context.Context, code string, sess fosite.Session) (fosite.Requester, error)
  • func (s *FositeRedisStore) GetOpenIDConnectSession(_ context.Context, authorizeCode string, req fosite.Requester) (fosite.Requester, error)
  • func (s *FositeRedisStore) GetRefreshTokenSession(_ context.Context, signature string, sess fosite.Session) (fosite.Requester, error)
  • func (s *FositeRedisStore) PersistAuthorizeCodeGrantSession(ctx context.Context, authorizeCode, accessSignature, refreshSignature string, ...) error
  • func (s *FositeRedisStore) PersistRefreshTokenGrantSession(ctx context.Context, ...) error
  • func (s *FositeRedisStore) RevokeAccessToken(ctx context.Context, id string) error
  • func (s *FositeRedisStore) RevokeRefreshToken(ctx context.Context, id string) error
• type FositeRehinkDBStore
  • func (m *FositeRehinkDBStore) ColdStart() error
  • func (s *FositeRehinkDBStore) CreateAccessTokenSession(_ context.Context, signature string, requester fosite.Requester) error
  • func (s *FositeRehinkDBStore) CreateAuthorizeCodeSession(_ context.Context, code string, requester fosite.Requester) error
  • func (s *FositeRehinkDBStore) CreateImplicitAccessTokenSession(ctx context.Context, code string, req fosite.Requester) error
  • func (s *FositeRehinkDBStore) CreateOpenIDConnectSession(_ context.Context, authorizeCode string, requester fosite.Requester) error
  • func (s *FositeRehinkDBStore) CreateRefreshTokenSession(_ context.Context, signature string, requester fosite.Requester) error
  • func (s *FositeRehinkDBStore) DeleteAccessTokenSession(_ context.Context, signature string) error
  • func (s *FositeRehinkDBStore) DeleteAuthorizeCodeSession(_ context.Context, code string) error
  • func (s *FositeRehinkDBStore) DeleteOpenIDConnectSession(_ context.Context, authorizeCode string) error
  • func (s *FositeRehinkDBStore) DeleteRefreshTokenSession(_ context.Context, signature string) error
  • func (s *FositeRehinkDBStore) GetAccessTokenSession(_ context.Context, signature string, sess fosite.Session) (fosite.Requester, error)
  • func (s *FositeRehinkDBStore) GetAuthorizeCodeSession(_ context.Context, code string, sess fosite.Session) (fosite.Requester, error)
  • func (s *FositeRehinkDBStore) GetOpenIDConnectSession(_ context.Context, authorizeCode string, requester fosite.Requester) (fosite.Requester, error)
  • func (s *FositeRehinkDBStore) GetRefreshTokenSession(_ context.Context, signature string, sess fosite.Session) (fosite.Requester, error)
  • func (s *FositeRehinkDBStore) PersistAuthorizeCodeGrantSession(ctx context.Context, authorizeCode, accessSignature, refreshSignature string, ...) error
  • func (s *FositeRehinkDBStore) PersistRefreshTokenGrantSession(ctx context.Context, ...) error
  • func (s *FositeRehinkDBStore) RevokeAccessToken(ctx context.Context, id string) error
  • func (s *FositeRehinkDBStore) RevokeRefreshToken(ctx context.Context, id string) error
  • func (m *FositeRehinkDBStore) Watch(ctx context.Context)
• type FositeSQLStore
  • func (s *FositeSQLStore) CreateAccessTokenSession(_ context.Context, signature string, requester fosite.Requester) error
  • func (s *FositeSQLStore) CreateAuthorizeCodeSession(_ context.Context, signature string, requester fosite.Requester) error
  • func (s *FositeSQLStore) CreateImplicitAccessTokenSession(ctx context.Context, signature string, requester fosite.Requester) error
  • func (s *FositeSQLStore) CreateOpenIDConnectSession(_ context.Context, signature string, requester fosite.Requester) error
  • func (s *FositeSQLStore) CreateRefreshTokenSession(_ context.Context, signature string, requester fosite.Requester) error
  • func (s *FositeSQLStore) CreateSchemas() error
  • func (s *FositeSQLStore) DeleteAccessTokenSession(_ context.Context, signature string) error
  • func (s *FositeSQLStore) DeleteAuthorizeCodeSession(_ context.Context, signature string) error
  • func (s *FositeSQLStore) DeleteOpenIDConnectSession(_ context.Context, signature string) error
  • func (s *FositeSQLStore) DeleteRefreshTokenSession(_ context.Context, signature string) error
  • func (s *FositeSQLStore) GetAccessTokenSession(_ context.Context, signature string, session fosite.Session) (fosite.Requester, error)
  • func (s *FositeSQLStore) GetAuthorizeCodeSession(_ context.Context, signature string, session fosite.Session) (fosite.Requester, error)
  • func (s *FositeSQLStore) GetOpenIDConnectSession(_ context.Context, signature string, requester fosite.Requester) (fosite.Requester, error)
  • func (s *FositeSQLStore) GetRefreshTokenSession(_ context.Context, signature string, session fosite.Session) (fosite.Requester, error)
  • func (s *FositeSQLStore) PersistAuthorizeCodeGrantSession(ctx context.Context, authorizeCode, accessSignature, refreshSignature string, ...) error
  • func (s *FositeSQLStore) PersistRefreshTokenGrantSession(ctx context.Context, ...) error
  • func (s *FositeSQLStore) RevokeAccessToken(ctx context.Context, id string) error
  • func (s *FositeSQLStore) RevokeRefreshToken(ctx context.Context, id string) error
• type HTTPIntrospector
  • func (i *HTTPIntrospector) IntrospectToken(ctx context.Context, token string, scopes ...string) (*Introspection, error)
  • func (i *HTTPIntrospector) SetClient(c *clientcredentials.Config)
  • func (i *HTTPIntrospector) TokenFromRequest(r *http.Request) string
• type HTTPRecovator
  • func (r *HTTPRecovator) RevokeToken(ctx context.Context, token string) error
• type Handler
  • func (h *Handler) AuthHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params)
  • func (o *Handler) DefaultConsentHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params)
  • func (h *Handler) IntrospectHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params)
  • func (h *Handler) RevocationHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params)
  • func (h *Handler) SetRoutes(r *httprouter.Router)
  • func (h *Handler) TokenHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params)
• type Introspection
• type Introspector
• type RDBItems
• type RdbSchema
• type Revocator
• type Session
  • func NewSession(subject string) *Session
  • func (s *Session) Clone() fosite.Session

Constants

const (
	ConsentChallengeKey = "hydra.consent.challenge"
	ConsentEndpointKey  = "hydra.consent.response"
)

const (
	OpenIDConnectKeyName = "hydra.openid.id-token"

	ConsentPath = "/oauth2/consent"
	TokenPath   = "/oauth2/token"
	AuthPath    = "/oauth2/auth"

	// IntrospectPath points to the OAuth2 introspection endpoint.
	IntrospectPath = "/oauth2/introspect"
	RevocationPath = "/oauth2/revoke"
)

Types

type ConsentStrategy

type ConsentStrategy interface {
	ValidateResponse(authorizeRequest fosite.AuthorizeRequester, token string) (claims *Session, err error)
	IssueChallenge(authorizeRequest fosite.AuthorizeRequester, redirectURL string) (token string, err error)
}

type DefaultConsentStrategy

type DefaultConsentStrategy struct {
	Issuer string

	DefaultIDTokenLifespan   time.Duration
	DefaultChallengeLifespan time.Duration
	KeyManager               jwk.Manager
}

func (*DefaultConsentStrategy) IssueChallenge

func (s *DefaultConsentStrategy) IssueChallenge(authorizeRequest fosite.AuthorizeRequester, redirectURL string) (string, error)

func (*DefaultConsentStrategy) ValidateResponse

func (s *DefaultConsentStrategy) ValidateResponse(a fosite.AuthorizeRequester, token string) (claims *Session, err error)

type FositeMemoryStore

type FositeMemoryStore struct {
	client.Manager

	AuthorizeCodes map[string]fosite.Requester
	IDSessions     map[string]fosite.Requester
	AccessTokens   map[string]fosite.Requester
	RefreshTokens  map[string]fosite.Requester

	sync.RWMutex
}

func (*FositeMemoryStore) CreateAccessTokenSession

func (s *FositeMemoryStore) CreateAccessTokenSession(_ context.Context, signature string, req fosite.Requester) error

func (*FositeMemoryStore) CreateAuthorizeCodeSession

func (s *FositeMemoryStore) CreateAuthorizeCodeSession(_ context.Context, code string, req fosite.Requester) error

func (*FositeMemoryStore) CreateImplicitAccessTokenSession

func (s *FositeMemoryStore) CreateImplicitAccessTokenSession(ctx context.Context, code string, req fosite.Requester) error

func (*FositeMemoryStore) CreateOpenIDConnectSession

func (s *FositeMemoryStore) CreateOpenIDConnectSession(_ context.Context, authorizeCode string, requester fosite.Requester) error

func (*FositeMemoryStore) CreateRefreshTokenSession

func (s *FositeMemoryStore) CreateRefreshTokenSession(_ context.Context, signature string, req fosite.Requester) error

func (*FositeMemoryStore) DeleteAccessTokenSession

func (s *FositeMemoryStore) DeleteAccessTokenSession(_ context.Context, signature string) error

func (*FositeMemoryStore) DeleteAuthorizeCodeSession

func (s *FositeMemoryStore) DeleteAuthorizeCodeSession(_ context.Context, code string) error

func (*FositeMemoryStore) DeleteOpenIDConnectSession

func (s *FositeMemoryStore) DeleteOpenIDConnectSession(_ context.Context, authorizeCode string) error

func (*FositeMemoryStore) DeleteRefreshTokenSession

func (s *FositeMemoryStore) DeleteRefreshTokenSession(_ context.Context, signature string) error

func (*FositeMemoryStore) GetAccessTokenSession

func (s *FositeMemoryStore) GetAccessTokenSession(_ context.Context, signature string, _ fosite.Session) (fosite.Requester, error)

func (*FositeMemoryStore) GetAuthorizeCodeSession

func (s *FositeMemoryStore) GetAuthorizeCodeSession(_ context.Context, code string, _ fosite.Session) (fosite.Requester, error)

func (*FositeMemoryStore) GetOpenIDConnectSession

func (s *FositeMemoryStore) GetOpenIDConnectSession(_ context.Context, authorizeCode string, requester fosite.Requester) (fosite.Requester, error)

func (*FositeMemoryStore) GetRefreshTokenSession

func (s *FositeMemoryStore) GetRefreshTokenSession(_ context.Context, signature string, _ fosite.Session) (fosite.Requester, error)

func (*FositeMemoryStore) PersistAuthorizeCodeGrantSession

func (s *FositeMemoryStore) PersistAuthorizeCodeGrantSession(ctx context.Context, authorizeCode, accessSignature, refreshSignature string, request fosite.Requester) error

func (*FositeMemoryStore) PersistRefreshTokenGrantSession

func (s *FositeMemoryStore) PersistRefreshTokenGrantSession(ctx context.Context, originalRefreshSignature, accessSignature, refreshSignature string, request fosite.Requester) error

func (*FositeMemoryStore) RevokeAccessToken

func (s *FositeMemoryStore) RevokeAccessToken(ctx context.Context, id string) error

func (*FositeMemoryStore) RevokeRefreshToken

func (s *FositeMemoryStore) RevokeRefreshToken(ctx context.Context, id string) error

type FositeRedisStore

type FositeRedisStore struct {
	client.Manager
	DB        *redis.Client
	KeyPrefix string
}

func (*FositeRedisStore) CreateAccessTokenSession

func (s *FositeRedisStore) CreateAccessTokenSession(_ context.Context, signature string, req fosite.Requester) error

func (*FositeRedisStore) CreateAuthorizeCodeSession

func (s *FositeRedisStore) CreateAuthorizeCodeSession(_ context.Context, code string, req fosite.Requester) error

func (*FositeRedisStore) CreateImplicitAccessTokenSession

func (s *FositeRedisStore) CreateImplicitAccessTokenSession(ctx context.Context, code string, req fosite.Requester) error

func (*FositeRedisStore) CreateOpenIDConnectSession

func (s *FositeRedisStore) CreateOpenIDConnectSession(_ context.Context, authorizeCode string, req fosite.Requester) error

func (*FositeRedisStore) CreateRefreshTokenSession

func (s *FositeRedisStore) CreateRefreshTokenSession(_ context.Context, signature string, req fosite.Requester) error

func (*FositeRedisStore) DeleteAccessTokenSession

func (s *FositeRedisStore) DeleteAccessTokenSession(_ context.Context, signature string) error

func (*FositeRedisStore) DeleteAuthorizeCodeSession

func (s *FositeRedisStore) DeleteAuthorizeCodeSession(_ context.Context, code string) error

func (*FositeRedisStore) DeleteOpenIDConnectSession

func (s *FositeRedisStore) DeleteOpenIDConnectSession(_ context.Context, authorizeCode string) error

func (*FositeRedisStore) DeleteRefreshTokenSession

func (s *FositeRedisStore) DeleteRefreshTokenSession(_ context.Context, signature string) error

func (*FositeRedisStore) GetAccessTokenSession

func (s *FositeRedisStore) GetAccessTokenSession(_ context.Context, signature string, sess fosite.Session) (fosite.Requester, error)

func (*FositeRedisStore) GetAuthorizeCodeSession

func (s *FositeRedisStore) GetAuthorizeCodeSession(_ context.Context, code string, sess fosite.Session) (fosite.Requester, error)

func (*FositeRedisStore) GetOpenIDConnectSession

func (s *FositeRedisStore) GetOpenIDConnectSession(_ context.Context, authorizeCode string, req fosite.Requester) (fosite.Requester, error)

func (*FositeRedisStore) GetRefreshTokenSession

func (s *FositeRedisStore) GetRefreshTokenSession(_ context.Context, signature string, sess fosite.Session) (fosite.Requester, error)

func (*FositeRedisStore) PersistAuthorizeCodeGrantSession

func (s *FositeRedisStore) PersistAuthorizeCodeGrantSession(ctx context.Context, authorizeCode, accessSignature, refreshSignature string, req fosite.Requester) error

func (*FositeRedisStore) PersistRefreshTokenGrantSession

func (s *FositeRedisStore) PersistRefreshTokenGrantSession(ctx context.Context, originalRefreshSignature, accessSignature, refreshSignature string, req fosite.Requester) error

func (*FositeRedisStore) RevokeAccessToken

func (s *FositeRedisStore) RevokeAccessToken(ctx context.Context, id string) error

func (*FositeRedisStore) RevokeRefreshToken

func (s *FositeRedisStore) RevokeRefreshToken(ctx context.Context, id string) error

type FositeRehinkDBStore

type FositeRehinkDBStore struct {
	Session *r.Session
	sync.RWMutex

	AuthorizeCodesTable r.Term
	IDSessionsTable     r.Term
	AccessTokensTable   r.Term
	RefreshTokensTable  r.Term
	ClientsTable        r.Term

	client.Manager

	AuthorizeCodes RDBItems
	IDSessions     RDBItems
	AccessTokens   RDBItems
	RefreshTokens  RDBItems
}

func (*FositeRehinkDBStore) ColdStart

func (m *FositeRehinkDBStore) ColdStart() error

func (*FositeRehinkDBStore) CreateAccessTokenSession

func (s *FositeRehinkDBStore) CreateAccessTokenSession(_ context.Context, signature string, requester fosite.Requester) error

func (*FositeRehinkDBStore) CreateAuthorizeCodeSession

func (s *FositeRehinkDBStore) CreateAuthorizeCodeSession(_ context.Context, code string, requester fosite.Requester) error

func (*FositeRehinkDBStore) CreateImplicitAccessTokenSession

func (s *FositeRehinkDBStore) CreateImplicitAccessTokenSession(ctx context.Context, code string, req fosite.Requester) error

func (*FositeRehinkDBStore) CreateOpenIDConnectSession

func (s *FositeRehinkDBStore) CreateOpenIDConnectSession(_ context.Context, authorizeCode string, requester fosite.Requester) error

func (*FositeRehinkDBStore) CreateRefreshTokenSession

func (s *FositeRehinkDBStore) CreateRefreshTokenSession(_ context.Context, signature string, requester fosite.Requester) error

func (*FositeRehinkDBStore) DeleteAccessTokenSession

func (s *FositeRehinkDBStore) DeleteAccessTokenSession(_ context.Context, signature string) error

func (*FositeRehinkDBStore) DeleteAuthorizeCodeSession

func (s *FositeRehinkDBStore) DeleteAuthorizeCodeSession(_ context.Context, code string) error

func (*FositeRehinkDBStore) DeleteOpenIDConnectSession

func (s *FositeRehinkDBStore) DeleteOpenIDConnectSession(_ context.Context, authorizeCode string) error

func (*FositeRehinkDBStore) DeleteRefreshTokenSession

func (s *FositeRehinkDBStore) DeleteRefreshTokenSession(_ context.Context, signature string) error

func (*FositeRehinkDBStore) GetAccessTokenSession

func (s *FositeRehinkDBStore) GetAccessTokenSession(_ context.Context, signature string, sess fosite.Session) (fosite.Requester, error)

func (*FositeRehinkDBStore) GetAuthorizeCodeSession

func (s *FositeRehinkDBStore) GetAuthorizeCodeSession(_ context.Context, code string, sess fosite.Session) (fosite.Requester, error)

func (*FositeRehinkDBStore) GetOpenIDConnectSession

func (s *FositeRehinkDBStore) GetOpenIDConnectSession(_ context.Context, authorizeCode string, requester fosite.Requester) (fosite.Requester, error)

func (*FositeRehinkDBStore) GetRefreshTokenSession

func (s *FositeRehinkDBStore) GetRefreshTokenSession(_ context.Context, signature string, sess fosite.Session) (fosite.Requester, error)

func (*FositeRehinkDBStore) PersistAuthorizeCodeGrantSession

func (s *FositeRehinkDBStore) PersistAuthorizeCodeGrantSession(ctx context.Context, authorizeCode, accessSignature, refreshSignature string, request fosite.Requester) error

func (*FositeRehinkDBStore) PersistRefreshTokenGrantSession

func (s *FositeRehinkDBStore) PersistRefreshTokenGrantSession(ctx context.Context, originalRefreshSignature, accessSignature, refreshSignature string, request fosite.Requester) error

func (*FositeRehinkDBStore) RevokeAccessToken

func (s *FositeRehinkDBStore) RevokeAccessToken(ctx context.Context, id string) error

func (*FositeRehinkDBStore) RevokeRefreshToken

func (s *FositeRehinkDBStore) RevokeRefreshToken(ctx context.Context, id string) error

func (*FositeRehinkDBStore) Watch

func (m *FositeRehinkDBStore) Watch(ctx context.Context)

type FositeSQLStore

type FositeSQLStore struct {
	client.Manager
	DB *sqlx.DB
}

func (*FositeSQLStore) CreateAccessTokenSession

func (s *FositeSQLStore) CreateAccessTokenSession(_ context.Context, signature string, requester fosite.Requester) error

func (*FositeSQLStore) CreateAuthorizeCodeSession

func (s *FositeSQLStore) CreateAuthorizeCodeSession(_ context.Context, signature string, requester fosite.Requester) error

func (*FositeSQLStore) CreateImplicitAccessTokenSession

func (s *FositeSQLStore) CreateImplicitAccessTokenSession(ctx context.Context, signature string, requester fosite.Requester) error

func (*FositeSQLStore) CreateOpenIDConnectSession

func (s *FositeSQLStore) CreateOpenIDConnectSession(_ context.Context, signature string, requester fosite.Requester) error

func (*FositeSQLStore) CreateRefreshTokenSession

func (s *FositeSQLStore) CreateRefreshTokenSession(_ context.Context, signature string, requester fosite.Requester) error

func (*FositeSQLStore) CreateSchemas

func (s *FositeSQLStore) CreateSchemas() error

func (*FositeSQLStore) DeleteAccessTokenSession

func (s *FositeSQLStore) DeleteAccessTokenSession(_ context.Context, signature string) error

func (*FositeSQLStore) DeleteAuthorizeCodeSession

func (s *FositeSQLStore) DeleteAuthorizeCodeSession(_ context.Context, signature string) error

func (*FositeSQLStore) DeleteOpenIDConnectSession

func (s *FositeSQLStore) DeleteOpenIDConnectSession(_ context.Context, signature string) error

func (*FositeSQLStore) DeleteRefreshTokenSession

func (s *FositeSQLStore) DeleteRefreshTokenSession(_ context.Context, signature string) error

func (*FositeSQLStore) GetAccessTokenSession

func (s *FositeSQLStore) GetAccessTokenSession(_ context.Context, signature string, session fosite.Session) (fosite.Requester, error)

func (*FositeSQLStore) GetAuthorizeCodeSession

func (s *FositeSQLStore) GetAuthorizeCodeSession(_ context.Context, signature string, session fosite.Session) (fosite.Requester, error)

func (*FositeSQLStore) GetOpenIDConnectSession

func (s *FositeSQLStore) GetOpenIDConnectSession(_ context.Context, signature string, requester fosite.Requester) (fosite.Requester, error)

func (*FositeSQLStore) GetRefreshTokenSession

func (s *FositeSQLStore) GetRefreshTokenSession(_ context.Context, signature string, session fosite.Session) (fosite.Requester, error)

func (*FositeSQLStore) PersistAuthorizeCodeGrantSession

func (s *FositeSQLStore) PersistAuthorizeCodeGrantSession(ctx context.Context, authorizeCode, accessSignature, refreshSignature string, request fosite.Requester) error

func (*FositeSQLStore) PersistRefreshTokenGrantSession

func (s *FositeSQLStore) PersistRefreshTokenGrantSession(ctx context.Context, originalRefreshSignature, accessSignature, refreshSignature string, request fosite.Requester) error

func (*FositeSQLStore) RevokeAccessToken

func (s *FositeSQLStore) RevokeAccessToken(ctx context.Context, id string) error

func (*FositeSQLStore) RevokeRefreshToken

func (s *FositeSQLStore) RevokeRefreshToken(ctx context.Context, id string) error

type HTTPIntrospector

type HTTPIntrospector struct {
	Client   *http.Client
	Dry      bool
	Endpoint *url.URL
}

func (*HTTPIntrospector) IntrospectToken

func (i *HTTPIntrospector) IntrospectToken(ctx context.Context, token string, scopes ...string) (*Introspection, error)

IntrospectToken is capable of introspecting tokens according to https://tools.ietf.org/html/rfc7662

The HTTP API is documented at http://docs.hdyra.apiary.io/#reference/oauth2/oauth2-token-introspection

func (*HTTPIntrospector) SetClient

func (i *HTTPIntrospector) SetClient(c *clientcredentials.Config)

func (*HTTPIntrospector) TokenFromRequest

func (i *HTTPIntrospector) TokenFromRequest(r *http.Request) string

type HTTPRecovator

type HTTPRecovator struct {
	Config   *clientcredentials.Config
	Dry      bool
	Endpoint *url.URL
	Client   *http.Client
}

func (*HTTPRecovator) RevokeToken

func (r *HTTPRecovator) RevokeToken(ctx context.Context, token string) error

type Handler

type Handler struct {
	OAuth2  fosite.OAuth2Provider
	Consent ConsentStrategy

	H herodot.Herodot

	ForcedHTTP bool
	ConsentURL url.URL

	AccessTokenLifespan time.Duration
}

func (*Handler) AuthHandler

func (h *Handler) AuthHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params)

func (*Handler) DefaultConsentHandler

func (o *Handler) DefaultConsentHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params)

func (*Handler) IntrospectHandler

func (h *Handler) IntrospectHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params)

func (*Handler) RevocationHandler

func (h *Handler) RevocationHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params)

func (*Handler) SetRoutes

func (h *Handler) SetRoutes(r *httprouter.Router)

func (*Handler) TokenHandler

func (h *Handler) TokenHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params)

type Introspection

type Introspection struct {
	// Active is a boolean indicator of whether or not the presented token
	// is currently active.  The specifics of a token's "active" state
	// will vary depending on the implementation of the authorization
	// server and the information it keeps about its tokens, but a "true"
	// value return for the "active" property will generally indicate
	// that a given token has been issued by this authorization server,
	// has not been revoked by the resource owner, and is within its
	// given time window of validity (e.g., after its issuance time and
	// before its expiration time).
	Active bool `json:"active"`

	// Scope is a JSON string containing a space-separated list of
	// scopes associated with this token.
	Scope string `json:"scope,omitempty"`

	// ClientID is aclient identifier for the OAuth 2.0 client that
	// requested this token.
	ClientID string `json:"client_id,omitempty"`

	// Subject of the token, as defined in JWT [RFC7519].
	// Usually a machine-readable identifier of the resource owner who
	// authorized this token.
	Subject string `json:"sub,omitempty"`

	// Expires at is an integer timestamp, measured in the number of seconds
	// since January 1 1970 UTC, indicating when this token will expire.
	ExpiresAt int64 `json:"exp,omitempty"`

	// Issued at is an integer timestamp, measured in the number of seconds
	// since January 1 1970 UTC, indicating when this token was
	// originally issued.
	IssuedAt int64 `json:"iat,omitempty"`

	// NotBefore is an integer timestamp, measured in the number of seconds
	// since January 1 1970 UTC, indicating when this token is not to be
	// used before.
	NotBefore int64 `json:"nbf,omitempty"`

	// Username is a human-readable identifier for the resource owner who
	// authorized this token.
	Username string `json:"username,omitempty"`

	// Audience is a service-specific string identifier or list of string
	// identifiers representing the intended audience for this token.
	Audience string `json:"aud,omitempty"`

	// Issuer is a string representing the issuer of this token
	Issuer string `json:"iss,omitempty"`

	// Extra is arbitrary data set by the session.
	Extra map[string]interface{} `json:"ext,omitempty"`
}

Introspection contains an access token's session data as specified by IETF RFC 7662, see: https://tools.ietf.org/html/rfc7662

type Introspector

type Introspector interface {
	// IntrospectToken performs a token introspection according to IETF RFC 7662, see: https://tools.ietf.org/html/rfc7662
	//
	//  func anyHttpHandler(w http.ResponseWriter, r *http.Request) {
	//    ctx, err := introspector.IntrospectToken(context.Background(), introspector.TokenFromRequest(r), "photos", "files")
	//    fmt.Sprintf("%s", ctx.Subject)
	//  }
	IntrospectToken(ctx context.Context, token string, scopes ...string) (*Introspection, error)
}

Introspector is capable of introspecting an access token according to IETF RFC 7662, see: https://tools.ietf.org/html/rfc7662

type RDBItems

type RDBItems map[string]*RdbSchema

type RdbSchema

type RdbSchema struct {
	ID            string           `json:"id" gorethink:"id"`
	RequestID     string           `json:"requestId" gorethink:"requestId"`
	RequestedAt   time.Time        `json:"requestedAt" gorethink:"requestedAt"`
	Client        *client.Client   `json:"client" gorethink:"client"`
	Scopes        fosite.Arguments `json:"scopes" gorethink:"scopes"`
	GrantedScopes fosite.Arguments `json:"grantedScopes" gorethink:"grantedScopes"`
	Form          url.Values       `json:"form" gorethink:"form"`
	Session       json.RawMessage  `json:"session" gorethink:"session"`
}

type Revocator

type Revocator interface {
	RevokeToken(ctx context.Context, token string) error
}

type Session

type Session struct {
	*openid.DefaultSession `json:"idToken"`
	Extra                  map[string]interface{} `json:"extra"`
}

func NewSession

func NewSession(subject string) *Session

func (*Session) Clone

func (s *Session) Clone() fosite.Session