stsexchange

package
v0.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 11, 2024 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// GrantType for a sts exchange.
	GrantType = "urn:ietf:params:oauth:grant-type:token-exchange"
	// TokenType for a sts exchange.
	TokenType = "urn:ietf:params:oauth:token-type:access_token"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type ClientAuthentication

type ClientAuthentication struct {
	AuthStyle    auth.Style
	ClientID     string
	ClientSecret string
}

ClientAuthentication represents an OAuth client ID and secret and the mechanism for passing these credentials as stated in rfc6749#2.3.1.

func (*ClientAuthentication) InjectAuthentication

func (c *ClientAuthentication) InjectAuthentication(values url.Values, headers http.Header)

InjectAuthentication is used to add authentication to a Secure Token Service exchange request. It modifies either the passed url.Values or http.Header depending on the desired authentication format.

type Options

type Options struct {
	Client         *http.Client
	Endpoint       string
	Request        *TokenRequest
	Authentication ClientAuthentication
	Headers        http.Header
	// ExtraOpts are optional fields marshalled into the `options` field of the
	// request body.
	ExtraOpts    map[string]interface{}
	RefreshToken string
}

Options stores the configuration for making an sts exchange request.

type TokenRequest

type TokenRequest struct {
	ActingParty struct {
		ActorToken     string
		ActorTokenType string
	}
	GrantType          string
	Resource           string
	Audience           string
	Scope              []string
	RequestedTokenType string
	SubjectToken       string
	SubjectTokenType   string
}

TokenRequest contains fields necessary to make an oauth2 token exchange.

type TokenResponse

type TokenResponse struct {
	AccessToken     string `json:"access_token"`
	IssuedTokenType string `json:"issued_token_type"`
	TokenType       string `json:"token_type"`
	ExpiresIn       int    `json:"expires_in"`
	Scope           string `json:"scope"`
	RefreshToken    string `json:"refresh_token"`
}

TokenResponse is used to decode the remote server response during an oauth2 token exchange.

func ExchangeToken

func ExchangeToken(ctx context.Context, opts *Options) (*TokenResponse, error)

ExchangeToken performs an oauth2 token exchange with the provided endpoint.

func RefreshAccessToken

func RefreshAccessToken(ctx context.Context, opts *Options) (*TokenResponse, error)

RefreshAccessToken performs the token exchange using a refresh token flow.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL