auth

package
v0.5.0
Warning

This package is not in the latest version of its module.

Published: May 2, 2022 License: MIT Imports: 18 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func DefaultStateGenerator

func DefaultStateGenerator() string

DefaultStateGenerator generates a default State

Types

type AuthorizationCallbackListener

type AuthorizationCallbackListener interface {
	GetCallbackURL() string
	AwaitResponse(response chan CallbackResponse, state string)
	Close()
}

AuthorizationCallbackListener abstracts listening for the authorization callback

type AuthorizationCodeExchangeRequest

type AuthorizationCodeExchangeRequest struct {
	ClientID     string
	CodeVerifier string
	Code         string
	RedirectURI  string
}

AuthorizationCodeExchangeRequest is used to request the exchange of an authorization code for a token

type AuthorizationCodeProvider

type AuthorizationCodeProvider interface {
	GetCode(challenge Challenge, additionalScopes ...string) (*AuthorizationCodeResult, error)
}

AuthorizationCodeProvider abstracts getting an authorization code

type AuthorizationCodeResult

type AuthorizationCodeResult struct {
	Code        string
	RedirectURI string
}

AuthorizationCodeResult holds the code and redirect URI needed to exchange an authorization code for tokens

type AuthorizationTokenExchanger

type AuthorizationTokenExchanger interface {
	ExchangeCode(req AuthorizationCodeExchangeRequest) (*TokenResult, error)
	ExchangeRefreshToken(req RefreshTokenExchangeRequest) (*TokenResult, error)
}

AuthorizationTokenExchanger abstracts exchanging for tokens

type AuthorizationTokenResponse

type AuthorizationTokenResponse struct {
	AccessToken  string `json:"access_token"`
	ExpiresIn    int    `json:"expires_in"`
	IDToken      string `json:"id_token"`
	RefreshToken string `json:"refresh_token"`
	TokenType    string `json:"token_type"`
}

AuthorizationTokenResponse is the HTTP response when asking for a new token. Note that, depending on what kind of request was sent, not all fields will contain data.

type CachingTokenProvider

type CachingTokenProvider struct {
	// contains filtered or unexported fields
}

CachingTokenProvider satisfies the cmd.tokenProvider interface and is a token provider that uses a cache to store tokens

func NewCachingTokenProvider

func NewCachingTokenProvider(cache cachingProvider, issuerTokenProvider issuerTokenProvider) *CachingTokenProvider

NewCachingTokenProvider builds a new CachingTokenProvider using the passed in interface satisfiers

func (*CachingTokenProvider) GetAccessToken

func (c *CachingTokenProvider) GetAccessToken() (string, error)

GetAccessToken returns an access token using the cache and falls back to an issuer token provider if the cache is empty

func (*CachingTokenProvider) GetIDToken added in v0.3.0

func (c *CachingTokenProvider) GetIDToken() (string, error)

GetIDToken returns an id token using the cache and falls back to an issuer token provider if the cache is empty

type CallbackResponse

type CallbackResponse struct {
	Code  string
	Error error
}

CallbackResponse holds the code gotten from the authorization callback. Error will hold an error struct if an error occurred.

type CallbackService

type CallbackService struct {
	// contains filtered or unexported fields
}

CallbackService is used to handle the callback received in the PKCE flow

func NewCallbackListener

func NewCallbackListener(addr string, httpServer HTTPServer) *CallbackService

NewCallbackListener creates a new CallbackService that uses the passed in httpServer to listen on the passed in addr

func NewLocalCallbackListener added in v0.3.2

func NewLocalCallbackListener(port int) *CallbackService

NewLocalCallbackListener creates a new CallbackService with a callbackServer that listens on 127.0.0.1

func (*CallbackService) AwaitResponse

func (c *CallbackService) AwaitResponse(response chan CallbackResponse, state string)

AwaitResponse sets up the response channel to receive the code that comes in from the authorization code callback handler

func (*CallbackService) BuildCodeResponseHandler

func (c *CallbackService) BuildCodeResponseHandler(responseC chan CallbackResponse, state string) func(w http.ResponseWriter, r *http.Request)

BuildCodeResponseHandler builds the HTTP handler func that receives the authorization code callback
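
BuildCodeResponseHandler takes the expected state together with the response channel. The following is an added example, not this package's code, of a handler of that shape that only releases the code when the callback's state matches the one sent on the authorization request. The names codeHandler, simulate and callbackResponse are hypothetical, and the callback requests are constructed.

```go
package main

import (
	"crypto/subtle"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// callbackResponse mirrors the fields of the CallbackResponse type on this page.
type callbackResponse struct {
	Code  string
	Error error
}

// codeHandler (hypothetical) checks state before anything else in the query.
func codeHandler(out chan<- callbackResponse, state string) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		q := r.URL.Query()
		var res callbackResponse
		switch {
		case subtle.ConstantTimeCompare([]byte(q.Get("state")), []byte(state)) != 1:
			res.Error = errors.New("state mismatch")
		case q.Get("error") != "":
			res.Error = fmt.Errorf("authorization failed: %s", q.Get("error"))
		case q.Get("code") == "":
			res.Error = errors.New("callback carried no code")
		default:
			res.Code = q.Get("code")
		}
		if res.Error != nil {
			http.Error(w, "authorization failed", http.StatusBadRequest)
		}
		out <- res
	}
}

// simulate delivers one constructed callback request to the handler.
func simulate(rawQuery, state string) callbackResponse {
	out := make(chan callbackResponse, 1) // buffered so the handler never blocks
	req := httptest.NewRequest(http.MethodGet, "/callback?"+rawQuery, nil)
	codeHandler(out, state)(httptest.NewRecorder(), req)
	return <-out
}

func main() {
	fmt.Println(simulate("code=abc&state=forged", "s1").Error)
}
```
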

func (*CallbackService) Close

func (c *CallbackService) Close()

Close tells the HTTP server to gracefully shut down

func (*CallbackService) GetCallbackURL

func (c *CallbackService) GetCallbackURL() string

GetCallbackURL returns the callback url that is used to receive the authorization code

type Challenge

type Challenge struct {
	Code     string
	Verifier string
	Method   string
}

Challenge holds challenge and verification data needed for the PKCE flow

func DefaultChallengeGenerator

func DefaultChallengeGenerator() Challenge

DefaultChallengeGenerator generates a default Challenge
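
The page does not show how DefaultChallengeGenerator fills in a Challenge. As an added example, not this package's code, here is how the three fields relate under the S256 method of RFC 7636, including the comparison the authorization server makes at token exchange. The names pkceChallenge, s256, newChallenge and verifierMatches are hypothetical, and the use of S256 is an assumption.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/base64"
	"fmt"
)

// pkceChallenge mirrors the fields of the Challenge type on this page.
type pkceChallenge struct {
	Code     string // code_challenge, sent on the authorization request
	Verifier string // code_verifier, kept locally until the token exchange
	Method   string // code_challenge_method (assumed "S256" here)
}

// s256 derives the challenge as BASE64URL(SHA256(verifier)) without padding,
// as RFC 7636 section 4.2 defines it.
func s256(verifier string) string {
	sum := sha256.Sum256([]byte(verifier))
	return base64.RawURLEncoding.EncodeToString(sum[:])
}

// newChallenge draws 32 bytes from the OS CSPRNG, which encodes to a
// 43-character verifier, the minimum length RFC 7636 allows.
func newChallenge() (pkceChallenge, error) {
	buf := make([]byte, 32)
	if _, err := rand.Read(buf); err != nil {
		return pkceChallenge{}, err
	}
	v := base64.RawURLEncoding.EncodeToString(buf)
	return pkceChallenge{Code: s256(v), Verifier: v, Method: "S256"}, nil
}

// verifierMatches is the server-side check: the verifier presented with the
// code must hash to the challenge stored from the authorization request.
func verifierMatches(verifier, challenge string) bool {
	return subtle.ConstantTimeCompare([]byte(s256(verifier)), []byte(challenge)) == 1
}

func main() {
	c, err := newChallenge()
	if err != nil {
		panic(err)
	}
	fmt.Println(c.Method, len(c.Verifier), verifierMatches(c.Verifier, c.Code))
}
```
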

type Challenger

type Challenger func() Challenge

Challenger is used to generate a new Challenge

type ConfigBackedCachingProvider

type ConfigBackedCachingProvider struct {
	// contains filtered or unexported fields
}

ConfigBackedCachingProvider wraps a configProvider in order to conform to the cachingProvider interface

func NewConfigBackedCachingProvider

func NewConfigBackedCachingProvider(clientID, audience string, config configProvider) *ConfigBackedCachingProvider

NewConfigBackedCachingProvider builds and returns a CachingTokenProvider that utilizes a configProvider to cache tokens

func (*ConfigBackedCachingProvider) CacheTokens

func (c *ConfigBackedCachingProvider) CacheTokens(toCache *TokenResult) error

CacheTokens caches the id and refresh token from TokenResult in the configProvider

func (*ConfigBackedCachingProvider) GetTokens

func (c *ConfigBackedCachingProvider) GetTokens() (*TokenResult, error)

GetTokens gets the tokens from the cache and returns them as a TokenResult

type HTTPAuthTransport

type HTTPAuthTransport interface {
	Do(request *http.Request) (*http.Response, error)
}

HTTPAuthTransport abstracts how an HTTP exchange request is sent and received

type HTTPServer

type HTTPServer interface {
	Start(addr string)
	Shutdown()
}

HTTPServer abstracts the functions needed for starting and shutting down an HTTP server

type Issuer

type Issuer struct {
	IssuerEndpoint string
	ClientID       string
	Audience       string
}

Issuer holds information about the issuer of tokens

type KeyringCachingProvider added in v0.3.0

type KeyringCachingProvider struct {
	// contains filtered or unexported fields
}

KeyringCachingProvider satisfies the cachingProvider interface and caches tokens using the github.com/99designs/keyring interface

func NewKeyringCachingProvider added in v0.3.0

func NewKeyringCachingProvider(clientID, audience string, krp KeyringProvider) *KeyringCachingProvider

NewKeyringCachingProvider builds a new KeyringCachingProvider using the passed in interface satisfiers

func (*KeyringCachingProvider) CacheTokens added in v0.3.0

func (kcp *KeyringCachingProvider) CacheTokens(tr *TokenResult) error

CacheTokens stores the TokenResult in keyring

func (*KeyringCachingProvider) GetTokens added in v0.3.0

func (kcp *KeyringCachingProvider) GetTokens() (*TokenResult, error)

GetTokens gets the TokenResult from keyring

type KeyringProvider added in v0.3.0

type KeyringProvider interface {
	Get(key string) (keyring.Item, error)
	Set(item keyring.Item) error
}

KeyringProvider is a small subset of the github.com/99designs/keyring interface that only defines the functionality that we use

type LocalCodeProvider added in v0.3.2

type LocalCodeProvider struct {
	Issuer
	// contains filtered or unexported fields
}

LocalCodeProvider holds the information needed to easily get an authorization code locally.

func NewLocalCodeProvider added in v0.3.2

func NewLocalCodeProvider(
	issuer Issuer,
	oidcWellKnownEndpoints OIDCWellKnownEndpoints,
	callbackListener AuthorizationCallbackListener,
	osInteractor OSInteractor,
	state State) *LocalCodeProvider

NewLocalCodeProvider allows for the easy setup of LocalCodeProvider

func (*LocalCodeProvider) GetCode added in v0.3.2

func (cp *LocalCodeProvider) GetCode(challenge Challenge, additionalScopes ...string) (*AuthorizationCodeResult, error)

GetCode opens a URL to authenticate and authorize a user and then returns the authorization code that is sent to the callback. Additional scopes beyond openid and email can be sent by passing in arguments for <additionalScopes>.

type OIDCWellKnownEndpoints added in v0.3.0

type OIDCWellKnownEndpoints struct {
	AuthorizationEndpoint string `json:"authorization_endpoint"`
	TokenEndpoint         string `json:"token_endpoint"`
}

OIDCWellKnownEndpoints holds the well known OIDC endpoints

func GetOIDCWellKnownEndpointsFromIssuerURL added in v0.3.0

func GetOIDCWellKnownEndpointsFromIssuerURL(issuerURL string) (*OIDCWellKnownEndpoints, error)

GetOIDCWellKnownEndpointsFromIssuerURL gets the well known endpoints for the passed in issuer url

type OSInteractor

type OSInteractor interface {
	OpenURL(url string) error
}

OSInteractor abstracts opening a url on the user's OS

type RefreshTokenExchangeRequest

type RefreshTokenExchangeRequest struct {
	ClientID     string
	RefreshToken string
}

RefreshTokenExchangeRequest is used to request the exchange of a refresh token for a refreshed token

type State

type State func() string

State is used to generate a new state string

type TokenProvider added in v0.3.0

type TokenProvider struct {
	// contains filtered or unexported fields
}

TokenProvider takes care of the mechanics needed for getting an access Token

func NewAccessTokenProvider

func NewAccessTokenProvider(
	allowRefresh bool,
	issuerData Issuer,
	codeProvider AuthorizationCodeProvider,
	exchanger AuthorizationTokenExchanger,
	challenger Challenger) *TokenProvider

NewAccessTokenProvider allows for the easy setup of AccessTokenProvider

func NewDefaultAccessTokenProvider

func NewDefaultAccessTokenProvider(issuerData Issuer, allowRefresh bool, port uint16) (*TokenProvider, error)

NewDefaultAccessTokenProvider provides an easy way to build up a default token provider with all the correct configuration. If refresh tokens should be allowed, pass in true for <allowRefresh>.

func (*TokenProvider) Authenticate added in v0.3.0

func (p *TokenProvider) Authenticate() (*TokenResult, error)

Authenticate is used to retrieve a TokenResult when the user has not yet authenticated

func (*TokenProvider) FromRefreshToken added in v0.3.0

func (p *TokenProvider) FromRefreshToken(refreshToken string) (*TokenResult, error)

FromRefreshToken is used to retrieve a TokenResult when the user has already authenticated but their Access Token has expired

type TokenResult

type TokenResult struct {
	AccessToken  string `json:"access_token"`
	IDToken      string `json:"id_token"`
	RefreshToken string `json:"refresh_token"`
	ExpiresIn    int    `json:"expires_in"`
}

TokenResult holds token information

type TokenRetriever

type TokenRetriever struct {
	// contains filtered or unexported fields
}

TokenRetriever implements AuthTokenExchanger in order to facilitate getting Tokens

func NewTokenRetriever

func NewTokenRetriever(oidcWellKnownEndpoints OIDCWellKnownEndpoints, authTransport HTTPAuthTransport) *TokenRetriever

NewTokenRetriever allows the internals of a new TokenRetriever to be easily set up

func (*TokenRetriever) ExchangeCode

ExchangeCode uses the AuthCodeExchangeRequest to exchange an authorization code for tokens

func (*TokenRetriever) ExchangeRefreshToken

func (ce *TokenRetriever) ExchangeRefreshToken(req RefreshTokenExchangeRequest) (*TokenResult, error)

ExchangeRefreshToken uses the RefreshTokenExchangeRequest to exchange a refresh token for refreshed tokens
