auth

package

v0.0.0-...-7ad5d0e Latest Latest Go to latest Published: Mar 19, 2026 License: MIT Imports: 22 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/Greybox-Labs/tim

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func DeleteToken(typ TokenType) error
func GenerateCodeChallenge(verifier string) string
func GenerateCodeVerifier() (string, error)
func GetAuthorizeURL() string
func GetClientID() string
func GetOpenPort() int
func GetProjectID() string
func GetStytchEnvironment() string
func LoadToken(typ TokenType) (string, error)
func OpenBrowser(url string) error
func PerformLogout() []error
func SaveToken(tok string, typ TokenType) error
func TruncateToken(token string) string
type AuthStatus
- func GetAuthenticationStatus() (*AuthStatus, error)
type LoginResult
- func PerformLogin() (*LoginResult, error)
type TokenResponse
- func ExchangeCodeForAccessToken(clientID, projectID, code, codeVerifier, redirectURI string) (*TokenResponse, error)
- func RefreshAccessToken(clientID, projectID string) (*TokenResponse, error)
type TokenType
- func (t TokenType) IsValid() bool
- func (t TokenType) String() string

Constants ¶

View Source

const (
	ClientIDEnvVar          = "TIM_STYTCH_CLIENT_ID"
	ProjectIDEnvVar         = "TIM_STYTCH_PROJECT_ID"
	AuthorizeURLEnvVar      = "TIM_STYTCH_AUTHORIZE_URL"
	StytchEnvironmentEnvVar = "TIM_STYTCH_ENVIRONMENT"
)

Environment variable names for runtime configuration

Variables ¶

This section is empty.

Functions ¶

func DeleteToken ¶

func DeleteToken(typ TokenType) error

DeleteToken removes the token from storage

func GenerateCodeChallenge ¶

func GenerateCodeChallenge(verifier string) string

GenerateCodeChallenge generates a code challenge from a verifier

func GenerateCodeVerifier ¶

func GenerateCodeVerifier() (string, error)

GenerateCodeVerifier generates a random code verifier for PKCE

func GetAuthorizeURL ¶

func GetAuthorizeURL() string

GetAuthorizeURL returns the authorize URL with priority: env var -> embedded value

func GetClientID ¶

func GetClientID() string

GetClientID returns the client ID with priority: env var -> embedded value

func GetOpenPort ¶

func GetOpenPort() int

GetOpenPort returns an available port for the callback server

func GetProjectID ¶

func GetProjectID() string

GetProjectID returns the project ID with priority: env var -> embedded value

func GetStytchEnvironment ¶

func GetStytchEnvironment() string

GetStytchEnvironment returns the Stytch environment with priority: env var -> embedded value

func LoadToken ¶

func LoadToken(typ TokenType) (string, error)

LoadToken retrieves the token

func OpenBrowser ¶

func OpenBrowser(url string) error

OpenBrowser opens the given URL in the default browser

func PerformLogout ¶

func PerformLogout() []error

PerformLogout deletes stored tokens and returns any errors

func SaveToken ¶

func SaveToken(tok string, typ TokenType) error

SaveToken persists the token securely

func TruncateToken ¶

func TruncateToken(token string) string

TruncateToken shows only the first few characters of a token for security

Types ¶

type AuthStatus ¶

type AuthStatus struct {
	IsLoggedIn          bool
	AccessToken         string
	RefreshToken        string
	SessionJWT          string
	SessionToken        string
	Email               string
	RefreshTokenMissing bool
	SessionJWTMissing   bool
}

AuthStatus represents the authentication status and tokens

func GetAuthenticationStatus ¶

func GetAuthenticationStatus() (*AuthStatus, error)

GetAuthenticationStatus returns current authentication status and token information

type LoginResult ¶

type LoginResult struct {
	TokensRefreshed bool
	NewTokens       bool
	RefreshError    error
	URL             string
	Port            int
}

LoginResult represents the result of a login operation

func PerformLogin ¶

func PerformLogin() (*LoginResult, error)

PerformLogin executes the OAuth2 login flow and returns the result

type TokenResponse ¶

type TokenResponse struct {
	AccessToken  string `json:"access_token"`
	ExpiresIn    int    `json:"expires_in"`
	RefreshToken string `json:"refresh_token"`
	Scope        string `json:"scope"`
	TokenType    string `json:"token_type"`
	IDToken      string `json:"id_token"`
	RequestID    string `json:"request_id"`
	StatusCode   int    `json:"status_code"`
}

func ExchangeCodeForAccessToken ¶

func ExchangeCodeForAccessToken(clientID, projectID, code, codeVerifier, redirectURI string) (*TokenResponse, error)

ExchangeCodeForAccessToken exchanges an authorization code for tokens

func RefreshAccessToken ¶

func RefreshAccessToken(clientID, projectID string) (*TokenResponse, error)

RefreshAccessToken attempts to refresh the access token using the refresh token

type TokenType ¶

type TokenType string

TokenType represents the different types of authentication tokens

const (
	// AccessToken represents an OAuth access token
	AccessToken TokenType = "access_token"

	// RefreshToken represents an OAuth refresh token
	RefreshToken TokenType = "refresh_token"

	// SessionJWT represents a JWT session token
	SessionJWT TokenType = "session_jwt"

	// SessionToken represents an opaque session token
	SessionToken TokenType = "session_token"

	// MemberSessionID represents the Stytch member session ID (critical for session operations)
	MemberSessionID TokenType = "member_session_id"

	// UserID represents the Tim API internal user ID
	UserID TokenType = "user_id"

	// OrgID represents the Tim API internal organization ID
	OrgID TokenType = "org_id"

	// Email represents the user's email address
	Email TokenType = "email"
)

func (TokenType) IsValid ¶

func (t TokenType) IsValid() bool

IsValid checks if the token type is one of the known types

func (TokenType) String ¶

func (t TokenType) String() string

String returns the string representation of the token type

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL