adal

package
Version: v0.0.0-...-d88c8b5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 9, 2021 License: Apache-2.0 Imports: 25 Imported by: 0

Documentation

Index

Constants

View Source
const (

	// OAuthGrantTypeDeviceCode is the "grant_type" identifier used in device flow
	OAuthGrantTypeDeviceCode = "device_code"

	// OAuthGrantTypeClientCredentials is the "grant_type" identifier used in credential flows
	OAuthGrantTypeClientCredentials = "client_credentials"

	// OAuthGrantTypeUserPass is the "grant_type" identifier used in username and password auth flows
	OAuthGrantTypeUserPass = "password"

	// OAuthGrantTypeRefreshToken is the "grant_type" identifier used in refresh token flows
	OAuthGrantTypeRefreshToken = "refresh_token"

	// OAuthGrantTypeAuthorizationCode is the "grant_type" identifier used in authorization code flows
	OAuthGrantTypeAuthorizationCode = "authorization_code"
)

Variables

View Source
var (
	// ErrDeviceGeneric represents an unknown error from the token endpoint when using device flow
	ErrDeviceGeneric = fmt.Errorf("%s Error while retrieving OAuth token: Unknown Error", logPrefix)

	// ErrDeviceAccessDenied represents an access denied error from the token endpoint when using device flow
	ErrDeviceAccessDenied = fmt.Errorf("%s Error while retrieving OAuth token: Access Denied", logPrefix)

	// ErrDeviceAuthorizationPending represents the server waiting on the user to complete the device flow
	ErrDeviceAuthorizationPending = fmt.Errorf("%s Error while retrieving OAuth token: Authorization Pending", logPrefix)

	// ErrDeviceCodeExpired represents the server timing out and expiring the code during device flow
	ErrDeviceCodeExpired = fmt.Errorf("%s Error while retrieving OAuth token: Code Expired", logPrefix)

	// ErrDeviceSlowDown represents the service telling us we're polling too often during device flow
	ErrDeviceSlowDown = fmt.Errorf("%s Error while retrieving OAuth token: Slow Down", logPrefix)

	// ErrDeviceCodeEmpty represents an empty device code from the device endpoint while using device flow
	ErrDeviceCodeEmpty = fmt.Errorf("%s Error while retrieving device code: Device Code Empty", logPrefix)

	// ErrOAuthTokenEmpty represents an empty OAuth token from the token endpoint when using device flow
	ErrOAuthTokenEmpty = fmt.Errorf("%s Error while retrieving OAuth token: Token Empty", logPrefix)
)

Functions

func AddToUserAgent

func AddToUserAgent(extension string) error

AddToUserAgent adds an extension to the current user agent

func GetMSIAppServiceEndpoint

func GetMSIAppServiceEndpoint() (string, error)

GetMSIAppServiceEndpoint get the MSI endpoint for App Service and Functions

func GetMSIEndpoint

func GetMSIEndpoint() (string, error)

GetMSIEndpoint get the appropriate MSI endpoint depending on the runtime environment

func GetMSIVMEndpoint

func GetMSIVMEndpoint() (string, error)

GetMSIVMEndpoint gets the MSI endpoint on Virtual Machines.

func SaveToken

func SaveToken(path string, mode os.FileMode, token Token) error

SaveToken persists an oauth token at the given location on disk. It moves the new file into place so it can safely be used to replace an existing file that maybe accessed by multiple processes.

func UserAgent

func UserAgent() string

UserAgent returns a string containing the Go version, system architecture and OS, and the adal version.

Types

type DeviceCode

type DeviceCode struct {
	DeviceCode      *string `json:"device_code,omitempty"`
	UserCode        *string `json:"user_code,omitempty"`
	VerificationURL *string `json:"verification_url,omitempty"`
	ExpiresIn       *int64  `json:"expires_in,string,omitempty"`
	Interval        *int64  `json:"interval,string,omitempty"`

	Message     *string `json:"message"` // Azure specific
	Resource    string  // store the following, stored when initiating, used when exchanging
	OAuthConfig OAuthConfig
	ClientID    string
}

DeviceCode is the object returned by the device auth endpoint It contains information to instruct the user to complete the auth flow

func InitiateDeviceAuth

func InitiateDeviceAuth(sender Sender, oauthConfig OAuthConfig, clientID, resource string) (*DeviceCode, error)

InitiateDeviceAuth initiates a device auth flow. It returns a DeviceCode that can be used with CheckForUserCompletion or WaitForUserCompletion. Deprecated: use InitiateDeviceAuthWithContext() instead.

func InitiateDeviceAuthWithContext

func InitiateDeviceAuthWithContext(ctx context.Context, sender Sender, oauthConfig OAuthConfig, clientID, resource string) (*DeviceCode, error)

InitiateDeviceAuthWithContext initiates a device auth flow. It returns a DeviceCode that can be used with CheckForUserCompletion or WaitForUserCompletion.

type MultiTenantOAuthConfig

type MultiTenantOAuthConfig interface {
	PrimaryTenant() *OAuthConfig
	AuxiliaryTenants() []*OAuthConfig
}

MultiTenantOAuthConfig provides endpoints for primary and aulixiary tenant IDs.

func NewMultiTenantOAuthConfig

func NewMultiTenantOAuthConfig(activeDirectoryEndpoint, primaryTenantID string, auxiliaryTenantIDs []string, options OAuthOptions) (MultiTenantOAuthConfig, error)

NewMultiTenantOAuthConfig creates an object that support multitenant OAuth configuration. See https://docs.microsoft.com/en-us/azure/azure-resource-manager/authenticate-multi-tenant for more information.

type MultiTenantServicePrincipalToken

type MultiTenantServicePrincipalToken struct {
	PrimaryToken    *ServicePrincipalToken
	AuxiliaryTokens []*ServicePrincipalToken
}

MultiTenantServicePrincipalToken contains tokens for multi-tenant authorization.

func NewMultiTenantServicePrincipalToken

func NewMultiTenantServicePrincipalToken(multiTenantCfg MultiTenantOAuthConfig, clientID string, secret string, resource string) (*MultiTenantServicePrincipalToken, error)

NewMultiTenantServicePrincipalToken creates a new MultiTenantServicePrincipalToken with the specified credentials and resource.

func (*MultiTenantServicePrincipalToken) AuxiliaryOAuthTokens

func (mt *MultiTenantServicePrincipalToken) AuxiliaryOAuthTokens() []string

AuxiliaryOAuthTokens returns one to three auxiliary authorization tokens.

func (*MultiTenantServicePrincipalToken) EnsureFreshWithContext

func (mt *MultiTenantServicePrincipalToken) EnsureFreshWithContext(ctx context.Context) error

EnsureFreshWithContext will refresh the token if it will expire within the refresh window (as set by RefreshWithin) and autoRefresh flag is on. This method is safe for concurrent use.

func (*MultiTenantServicePrincipalToken) PrimaryOAuthToken

func (mt *MultiTenantServicePrincipalToken) PrimaryOAuthToken() string

PrimaryOAuthToken returns the primary authorization token.

func (*MultiTenantServicePrincipalToken) RefreshExchangeWithContext

func (mt *MultiTenantServicePrincipalToken) RefreshExchangeWithContext(ctx context.Context, resource string) error

RefreshExchangeWithContext refreshes the token, but for a different resource.

func (*MultiTenantServicePrincipalToken) RefreshWithContext

func (mt *MultiTenantServicePrincipalToken) RefreshWithContext(ctx context.Context) error

RefreshWithContext obtains a fresh token for the Service Principal.

type MultitenantOAuthTokenProvider

type MultitenantOAuthTokenProvider interface {
	PrimaryOAuthToken() string
	AuxiliaryOAuthTokens() []string
}

MultitenantOAuthTokenProvider provides tokens used for multi-tenant authorization.

type OAuthConfig

type OAuthConfig struct {
	AuthorityEndpoint  url.URL `json:"authorityEndpoint"`
	AuthorizeEndpoint  url.URL `json:"authorizeEndpoint"`
	TokenEndpoint      url.URL `json:"tokenEndpoint"`
	DeviceCodeEndpoint url.URL `json:"deviceCodeEndpoint"`
}

OAuthConfig represents the endpoints needed in OAuth operations

func NewOAuthConfig

func NewOAuthConfig(activeDirectoryEndpoint, tenantID string) (*OAuthConfig, error)

NewOAuthConfig returns an OAuthConfig with tenant specific urls

func NewOAuthConfigWithAPIVersion

func NewOAuthConfigWithAPIVersion(activeDirectoryEndpoint, tenantID string, apiVersion *string) (*OAuthConfig, error)

NewOAuthConfigWithAPIVersion returns an OAuthConfig with tenant specific urls. If apiVersion is not nil the "api-version" query parameter will be appended to the endpoint URLs with the specified value.

func (OAuthConfig) IsZero

func (oac OAuthConfig) IsZero() bool

IsZero returns true if the OAuthConfig object is zero-initialized.

type OAuthOptions

type OAuthOptions struct {
	APIVersion string
}

OAuthOptions contains optional OAuthConfig creation arguments.

type OAuthTokenProvider

type OAuthTokenProvider interface {
	OAuthToken() string
}

OAuthTokenProvider is an interface which should be implemented by an access token retriever

type Refresher

type Refresher interface {
	Refresh() error
	RefreshExchange(resource string) error
	EnsureFresh() error
}

Refresher is an interface for token refresh functionality

type RefresherWithContext

type RefresherWithContext interface {
	RefreshWithContext(ctx context.Context) error
	RefreshExchangeWithContext(ctx context.Context, resource string) error
	EnsureFreshWithContext(ctx context.Context) error
}

RefresherWithContext is an interface for token refresh functionality

type SendDecorator

type SendDecorator func(Sender) Sender

SendDecorator takes and possibly decorates, by wrapping, a Sender. Decorators may affect the http.Request and pass it along or, first, pass the http.Request along then react to the http.Response result.

type Sender

type Sender interface {
	Do(*http.Request) (*http.Response, error)
}

Sender is the interface that wraps the Do method to send HTTP requests.

The standard http.Client conforms to this interface.

func CreateSender

func CreateSender(decorators ...SendDecorator) Sender

CreateSender creates, decorates, and returns, as a Sender, the default http.Client.

func DecorateSender

func DecorateSender(s Sender, decorators ...SendDecorator) Sender

DecorateSender accepts a Sender and a, possibly empty, set of SendDecorators, which is applies to the Sender. Decorators are applied in the order received, but their affect upon the request depends on whether they are a pre-decorator (change the http.Request and then pass it along) or a post-decorator (pass the http.Request along and react to the results in http.Response).

type SenderFunc

type SenderFunc func(*http.Request) (*http.Response, error)

SenderFunc is a method that implements the Sender interface.

func (SenderFunc) Do

func (sf SenderFunc) Do(r *http.Request) (*http.Response, error)

Do implements the Sender interface on SenderFunc.

type ServicePrincipalAuthorizationCodeSecret

type ServicePrincipalAuthorizationCodeSecret struct {
	ClientSecret      string `json:"value"`
	AuthorizationCode string `json:"authCode"`
	RedirectURI       string `json:"redirect"`
}

ServicePrincipalAuthorizationCodeSecret implements ServicePrincipalSecret for authorization code auth.

func (ServicePrincipalAuthorizationCodeSecret) MarshalJSON

func (secret ServicePrincipalAuthorizationCodeSecret) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface.

func (*ServicePrincipalAuthorizationCodeSecret) SetAuthenticationValues

func (secret *ServicePrincipalAuthorizationCodeSecret) SetAuthenticationValues(spt *ServicePrincipalToken, v *url.Values) error

SetAuthenticationValues is a method of the interface ServicePrincipalSecret.

type ServicePrincipalCertificateSecret

type ServicePrincipalCertificateSecret struct {
	Certificate *x509.Certificate
	PrivateKey  *rsa.PrivateKey
}

ServicePrincipalCertificateSecret implements ServicePrincipalSecret for generic RSA cert auth with signed JWTs.

func (ServicePrincipalCertificateSecret) MarshalJSON

func (secret ServicePrincipalCertificateSecret) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface.

func (*ServicePrincipalCertificateSecret) SetAuthenticationValues

func (secret *ServicePrincipalCertificateSecret) SetAuthenticationValues(spt *ServicePrincipalToken, v *url.Values) error

SetAuthenticationValues is a method of the interface ServicePrincipalSecret. It will populate the form submitted during oAuth Token Acquisition using a JWT signed with a certificate.

func (*ServicePrincipalCertificateSecret) SignJwt

SignJwt returns the JWT signed with the certificate's private key.

type ServicePrincipalMSISecret

type ServicePrincipalMSISecret struct {
}

ServicePrincipalMSISecret implements ServicePrincipalSecret for machines running the MSI Extension.

func (ServicePrincipalMSISecret) MarshalJSON

func (msiSecret ServicePrincipalMSISecret) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface.

func (*ServicePrincipalMSISecret) SetAuthenticationValues

func (msiSecret *ServicePrincipalMSISecret) SetAuthenticationValues(spt *ServicePrincipalToken, v *url.Values) error

SetAuthenticationValues is a method of the interface ServicePrincipalSecret.

type ServicePrincipalNoSecret

type ServicePrincipalNoSecret struct {
}

ServicePrincipalNoSecret represents a secret type that contains no secret meaning it is not valid for fetching a fresh token. This is used by Manual

func (ServicePrincipalNoSecret) MarshalJSON

func (noSecret ServicePrincipalNoSecret) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface.

func (*ServicePrincipalNoSecret) SetAuthenticationValues

func (noSecret *ServicePrincipalNoSecret) SetAuthenticationValues(spt *ServicePrincipalToken, v *url.Values) error

SetAuthenticationValues is a method of the interface ServicePrincipalSecret It only returns an error for the ServicePrincipalNoSecret type

type ServicePrincipalSecret

type ServicePrincipalSecret interface {
	SetAuthenticationValues(spt *ServicePrincipalToken, values *url.Values) error
}

ServicePrincipalSecret is an interface that allows various secret mechanism to fill the form that is submitted when acquiring an oAuth token.

type ServicePrincipalToken

type ServicePrincipalToken struct {

	// MaxMSIRefreshAttempts is the maximum number of attempts to refresh an MSI token.
	MaxMSIRefreshAttempts int
	// contains filtered or unexported fields
}

ServicePrincipalToken encapsulates a Token created for a Service Principal.

func NewServicePrincipalToken

func NewServicePrincipalToken(oauthConfig OAuthConfig, clientID string, secret string, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error)

NewServicePrincipalToken creates a ServicePrincipalToken from the supplied Service Principal credentials scoped to the named resource.

func NewServicePrincipalTokenFromAuthorizationCode

func NewServicePrincipalTokenFromAuthorizationCode(oauthConfig OAuthConfig, clientID string, clientSecret string, authorizationCode string, redirectURI string, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error)

NewServicePrincipalTokenFromAuthorizationCode creates a ServicePrincipalToken from the

func NewServicePrincipalTokenFromCertificate

func NewServicePrincipalTokenFromCertificate(oauthConfig OAuthConfig, clientID string, certificate *x509.Certificate, privateKey *rsa.PrivateKey, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error)

NewServicePrincipalTokenFromCertificate creates a ServicePrincipalToken from the supplied pkcs12 bytes.

func NewServicePrincipalTokenFromMSI

func NewServicePrincipalTokenFromMSI(msiEndpoint, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error)

NewServicePrincipalTokenFromMSI creates a ServicePrincipalToken via the MSI VM Extension. It will use the system assigned identity when creating the token.

func NewServicePrincipalTokenFromMSIWithUserAssignedID

func NewServicePrincipalTokenFromMSIWithUserAssignedID(msiEndpoint, resource string, userAssignedID string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error)

NewServicePrincipalTokenFromMSIWithUserAssignedID creates a ServicePrincipalToken via the MSI VM Extension. It will use the specified user assigned identity when creating the token.

func NewServicePrincipalTokenFromManualToken

func NewServicePrincipalTokenFromManualToken(oauthConfig OAuthConfig, clientID string, resource string, token Token, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error)

NewServicePrincipalTokenFromManualToken creates a ServicePrincipalToken using the supplied token

func NewServicePrincipalTokenFromManualTokenSecret

func NewServicePrincipalTokenFromManualTokenSecret(oauthConfig OAuthConfig, clientID string, resource string, token Token, secret ServicePrincipalSecret, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error)

NewServicePrincipalTokenFromManualTokenSecret creates a ServicePrincipalToken using the supplied token and secret

func NewServicePrincipalTokenFromUsernamePassword

func NewServicePrincipalTokenFromUsernamePassword(oauthConfig OAuthConfig, clientID string, username string, password string, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error)

NewServicePrincipalTokenFromUsernamePassword creates a ServicePrincipalToken from the username and password.

func NewServicePrincipalTokenWithSecret

func NewServicePrincipalTokenWithSecret(oauthConfig OAuthConfig, id string, resource string, secret ServicePrincipalSecret, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error)

NewServicePrincipalTokenWithSecret create a ServicePrincipalToken using the supplied ServicePrincipalSecret implementation.

func (*ServicePrincipalToken) EnsureFresh

func (spt *ServicePrincipalToken) EnsureFresh() error

EnsureFresh will refresh the token if it will expire within the refresh window (as set by RefreshWithin) and autoRefresh flag is on. This method is safe for concurrent use.

func (*ServicePrincipalToken) EnsureFreshWithContext

func (spt *ServicePrincipalToken) EnsureFreshWithContext(ctx context.Context) error

EnsureFreshWithContext will refresh the token if it will expire within the refresh window (as set by RefreshWithin) and autoRefresh flag is on. This method is safe for concurrent use.

func (*ServicePrincipalToken) InvokeRefreshCallbacks

func (spt *ServicePrincipalToken) InvokeRefreshCallbacks(token Token) error

InvokeRefreshCallbacks calls any TokenRefreshCallbacks that were added to the SPT during initialization

func (ServicePrincipalToken) MarshalJSON

func (spt ServicePrincipalToken) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface.

func (ServicePrincipalToken) MarshalTokenJSON

func (spt ServicePrincipalToken) MarshalTokenJSON() ([]byte, error)

MarshalTokenJSON returns the marshalled inner token.

func (*ServicePrincipalToken) OAuthToken

func (spt *ServicePrincipalToken) OAuthToken() string

OAuthToken implements the OAuthTokenProvider interface. It returns the current access token.

func (*ServicePrincipalToken) Refresh

func (spt *ServicePrincipalToken) Refresh() error

Refresh obtains a fresh token for the Service Principal. This method is safe for concurrent use.

func (*ServicePrincipalToken) RefreshExchange

func (spt *ServicePrincipalToken) RefreshExchange(resource string) error

RefreshExchange refreshes the token, but for a different resource. This method is safe for concurrent use.

func (*ServicePrincipalToken) RefreshExchangeWithContext

func (spt *ServicePrincipalToken) RefreshExchangeWithContext(ctx context.Context, resource string) error

RefreshExchangeWithContext refreshes the token, but for a different resource. This method is safe for concurrent use.

func (*ServicePrincipalToken) RefreshWithContext

func (spt *ServicePrincipalToken) RefreshWithContext(ctx context.Context) error

RefreshWithContext obtains a fresh token for the Service Principal. This method is safe for concurrent use.

func (*ServicePrincipalToken) SetAutoRefresh

func (spt *ServicePrincipalToken) SetAutoRefresh(autoRefresh bool)

SetAutoRefresh enables or disables automatic refreshing of stale tokens.

func (*ServicePrincipalToken) SetCustomRefreshFunc

func (spt *ServicePrincipalToken) SetCustomRefreshFunc(customRefreshFunc TokenRefresh)

SetCustomRefreshFunc sets a custom refresh function used to refresh the token.

func (*ServicePrincipalToken) SetRefreshCallbacks

func (spt *ServicePrincipalToken) SetRefreshCallbacks(callbacks []TokenRefreshCallback)

SetRefreshCallbacks replaces any existing refresh callbacks with the specified callbacks.

func (*ServicePrincipalToken) SetRefreshWithin

func (spt *ServicePrincipalToken) SetRefreshWithin(d time.Duration)

SetRefreshWithin sets the interval within which if the token will expire, EnsureFresh will refresh the token.

func (*ServicePrincipalToken) SetSender

func (spt *ServicePrincipalToken) SetSender(s Sender)

SetSender sets the http.Client used when obtaining the Service Principal token. An undecorated http.Client is used by default.

func (*ServicePrincipalToken) Token

func (spt *ServicePrincipalToken) Token() Token

Token returns a copy of the current token.

func (*ServicePrincipalToken) UnmarshalJSON

func (spt *ServicePrincipalToken) UnmarshalJSON(data []byte) error

UnmarshalJSON implements the json.Unmarshaler interface.

type ServicePrincipalTokenSecret

type ServicePrincipalTokenSecret struct {
	ClientSecret string `json:"value"`
}

ServicePrincipalTokenSecret implements ServicePrincipalSecret for client_secret type authorization.

func (ServicePrincipalTokenSecret) MarshalJSON

func (tokenSecret ServicePrincipalTokenSecret) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface.

func (*ServicePrincipalTokenSecret) SetAuthenticationValues

func (tokenSecret *ServicePrincipalTokenSecret) SetAuthenticationValues(spt *ServicePrincipalToken, v *url.Values) error

SetAuthenticationValues is a method of the interface ServicePrincipalSecret. It will populate the form submitted during oAuth Token Acquisition using the client_secret.

type ServicePrincipalUsernamePasswordSecret

type ServicePrincipalUsernamePasswordSecret struct {
	Username string `json:"username"`
	Password string `json:"password"`
}

ServicePrincipalUsernamePasswordSecret implements ServicePrincipalSecret for username and password auth.

func (ServicePrincipalUsernamePasswordSecret) MarshalJSON

func (secret ServicePrincipalUsernamePasswordSecret) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface.

func (*ServicePrincipalUsernamePasswordSecret) SetAuthenticationValues

func (secret *ServicePrincipalUsernamePasswordSecret) SetAuthenticationValues(spt *ServicePrincipalToken, v *url.Values) error

SetAuthenticationValues is a method of the interface ServicePrincipalSecret.

type Token

type Token struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`

	ExpiresIn json.Number `json:"expires_in"`
	ExpiresOn json.Number `json:"expires_on"`
	NotBefore json.Number `json:"not_before"`

	Resource string `json:"resource"`
	Type     string `json:"token_type"`
}

Token encapsulates the access token used to authorize Azure requests. https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-oauth2-client-creds-grant-flow#service-to-service-access-token-response

func CheckForUserCompletion

func CheckForUserCompletion(sender Sender, code *DeviceCode) (*Token, error)

CheckForUserCompletion takes a DeviceCode and checks with the Azure AD OAuth endpoint to see if the device flow has: been completed, timed out, or otherwise failed Deprecated: use CheckForUserCompletionWithContext() instead.

func CheckForUserCompletionWithContext

func CheckForUserCompletionWithContext(ctx context.Context, sender Sender, code *DeviceCode) (*Token, error)

CheckForUserCompletionWithContext takes a DeviceCode and checks with the Azure AD OAuth endpoint to see if the device flow has: been completed, timed out, or otherwise failed

func LoadToken

func LoadToken(path string) (*Token, error)

LoadToken restores a Token object from a file located at 'path'.

func WaitForUserCompletion

func WaitForUserCompletion(sender Sender, code *DeviceCode) (*Token, error)

WaitForUserCompletion calls CheckForUserCompletion repeatedly until a token is granted or an error state occurs. This prevents the user from looping and checking against 'ErrDeviceAuthorizationPending'. Deprecated: use WaitForUserCompletionWithContext() instead.

func WaitForUserCompletionWithContext

func WaitForUserCompletionWithContext(ctx context.Context, sender Sender, code *DeviceCode) (*Token, error)

WaitForUserCompletionWithContext calls CheckForUserCompletion repeatedly until a token is granted or an error state occurs. This prevents the user from looping and checking against 'ErrDeviceAuthorizationPending'.

func (Token) Expires

func (t Token) Expires() time.Time

Expires returns the time.Time when the Token expires.

func (Token) IsExpired

func (t Token) IsExpired() bool

IsExpired returns true if the Token is expired, false otherwise.

func (Token) IsZero

func (t Token) IsZero() bool

IsZero returns true if the token object is zero-initialized.

func (*Token) OAuthToken

func (t *Token) OAuthToken() string

OAuthToken return the current access token

func (Token) WillExpireIn

func (t Token) WillExpireIn(d time.Duration) bool

WillExpireIn returns true if the Token will expire after the passed time.Duration interval from now, false otherwise.

type TokenError

type TokenError struct {
	Error            *string `json:"error,omitempty"`
	ErrorCodes       []int   `json:"error_codes,omitempty"`
	ErrorDescription *string `json:"error_description,omitempty"`
	Timestamp        *string `json:"timestamp,omitempty"`
	TraceID          *string `json:"trace_id,omitempty"`
}

TokenError is the object returned by the token exchange endpoint when something is amiss

type TokenRefresh

type TokenRefresh func(ctx context.Context, resource string) (*Token, error)

TokenRefresh is a type representing a custom callback to refresh a token

type TokenRefreshCallback

type TokenRefreshCallback func(Token) error

TokenRefreshCallback is the type representing callbacks that will be called after a successful token refresh

type TokenRefreshError

type TokenRefreshError interface {
	error
	Response() *http.Response
}

TokenRefreshError is an interface used by errors returned during token refresh.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL