Documentation
¶
Index ¶
- Constants
- Variables
- func ExchangeCodeForToken(ctx context.Context, code AuthCodeFlow, tenant types.TenantName, ...) (string, error)
- func NewAuthInterceptor(token, orgID string) connect.Interceptor
- func NewClient(clientID, issuer string) *client
- func ServeAuthCodeFlowServer(ctx context.Context, authPort int, tenant types.TenantName, ...) error
- func ValidatePKCE(verifier string, challenge string, method Method) bool
- type AuthCodeFlow
- type AuthorizeOption
- type AuthorizeOptions
- type AuthorizeResult
- type Client
- type ExchangeSuccess
- type LoginFlow
- type Method
- type OAuthError
- type PKCE
- type RefreshOption
- type RefreshOptions
- type RefreshSuccess
- type ResponseType
- type Tokens
- type VerifyOption
- type VerifyOptions
- type VerifyResult
Constants ¶
View Source
const XDefangOrgID = "X-Defang-Orgid"
Variables ¶
Functions ¶
func ExchangeCodeForToken ¶
func NewAuthInterceptor ¶
func NewAuthInterceptor(token, orgID string) connect.Interceptor
func ServeAuthCodeFlowServer ¶
func ServeAuthCodeFlowServer(ctx context.Context, authPort int, tenant types.TenantName, saveToken func(string)) error
ServeAuthCodeFlowServer serves the auth code flow server and will save the auth token to the file when it has been received. The server will run on the port that is specified by authPort. The server will continue to run indefinitely. TODO: make the server stop once we have the code
Types ¶
type AuthCodeFlow ¶
type AuthCodeFlow struct {
// contains filtered or unexported fields
}
func StartAuthCodeFlow ¶
func StartAuthCodeFlow(ctx context.Context, mcpFlow LoginFlow) (AuthCodeFlow, error)
type AuthorizeOption ¶
type AuthorizeOption = func(*AuthorizeOptions)
func WithPkce ¶
func WithPkce() AuthorizeOption
func WithProvider ¶
func WithProvider(provider string) AuthorizeOption
type AuthorizeOptions ¶
type AuthorizeOptions struct {
// contains filtered or unexported fields
}
type AuthorizeResult ¶
type AuthorizeResult struct {
// contains filtered or unexported fields
}
type Client ¶
type Client interface {
/**
* Start the autorization flow.
* This returns a redirect URL and a challenge that you need to use later to verify the code.
*/
Authorize(redirectURI string, response ResponseType, opts ...AuthorizeOption) (*AuthorizeResult, error)
/**
* Exchange the code for access and refresh tokens.
*/
Exchange(code string, redirectURI string, verifier string) (*ExchangeSuccess, error)
/**
* Refreshes the tokens if they have expired. This is used in an SPA app to maintain the
* session, without logging the user out.
*/
Refresh(refresh string, opts ...RefreshOption) (*RefreshSuccess, error)
/**
* Verify the token in the incoming request.
*/
Verify(token string, opts ...VerifyOption) (*VerifyResult, error)
}
type ExchangeSuccess ¶
type ExchangeSuccess struct {
Tokens
}
type OAuthError ¶
type OAuthError struct {
ErrorCode string `json:"error,omitempty"`
ErrorDescription string `json:"error_description,omitempty"`
}
func (OAuthError) Error ¶
func (oe OAuthError) Error() string
type PKCE ¶
func GeneratePKCE ¶
type RefreshOption ¶
type RefreshOption func(*RefreshOptions)
func WithAccessToken ¶
func WithAccessToken(access string) RefreshOption
type RefreshOptions ¶
type RefreshOptions struct {
// contains filtered or unexported fields
}
type RefreshSuccess ¶
type RefreshSuccess struct {
Tokens
}
type ResponseType ¶
type ResponseType string
const ( CodeResponseType ResponseType = "code" TokenResponseType ResponseType = "token" )
type VerifyOption ¶
type VerifyOption func(*VerifyOptions)
func WithRefreshToken ¶
func WithRefreshToken(refresh string) VerifyOption
type VerifyOptions ¶
type VerifyOptions struct {
// contains filtered or unexported fields
}
type VerifyResult ¶
type VerifyResult struct {
*Tokens
}
Source Files
Click to show internal directories.
Click to hide internal directories.