xsuaa

package module

v0.1.2 Latest Latest Go to latest Published: May 5, 2026 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/bluefunda/btp-go

Links

Open Source Insights

Documentation ¶

Overview ¶

Package xsuaa provides a client-credentials token source for SAP BTP's XSUAA (Extended Services for User Account and Authentication) OAuth2 server.

Usage:

import "github.com/bluefunda/btp-go/xsuaa"

src := xsuaa.NewClientCredentialsSource(xsuaa.Config{
    ClientID:     "sb-my-app!t1234",
    ClientSecret: "secret",
    TokenURL:     "https://my-tenant.authentication.eu10.hana.ondemand.com/oauth/token",
})

token, err := src.Token(ctx)

Tokens are cached in memory and refreshed automatically before expiry. Concurrent callers during a refresh share a single in-flight HTTP request.

The package is stdlib-only and has zero third-party dependencies.

Index ¶

type Config
type TokenSource
- func NewClientCredentialsSource(cfg Config) TokenSource

Examples ¶

NewClientCredentialsSource

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	// ClientID is the OAuth2 client identifier.
	ClientID string

	// ClientSecret is the OAuth2 client secret.
	ClientSecret string

	// TokenURL is the full URL of the token endpoint, typically
	// <xsuaa-url>/oauth/token.
	TokenURL string

	// HTTPClient is the HTTP client used for token requests. When nil,
	// http.DefaultClient is used.
	HTTPClient *http.Client

	// Skew is how far before the token expires a refresh is triggered.
	// Defaults to 60 seconds when zero.
	Skew time.Duration
}

Config holds the parameters for obtaining client-credentials tokens from XSUAA.

type TokenSource ¶

type TokenSource interface {
	Token(ctx context.Context) (string, error)
}

TokenSource is implemented by any value that can return a bearer JWT. xsuaa.NewClientCredentialsSource returns a TokenSource. The interface is also satisfied by any compatible implementation from other packages.

func NewClientCredentialsSource ¶

func NewClientCredentialsSource(cfg Config) TokenSource

NewClientCredentialsSource returns a TokenSource that fetches and caches a client-credentials token from cfg.TokenURL. Concurrent calls to Token share a single in-flight HTTP request.

Example ¶

package main

import (
	"context"
	"fmt"
	"log"

	"github.com/bluefunda/btp-go/xsuaa"
)

func main() {
	src := xsuaa.NewClientCredentialsSource(xsuaa.Config{
		ClientID:     "sb-myapp!t1234",
		ClientSecret: "secret",
		TokenURL:     "https://my-tenant.authentication.eu10.hana.ondemand.com/oauth/token",
	})

	token, err := src.Token(context.Background())
	if err != nil {
		log.Fatal(err)
	}
	// token is a bearer JWT; pass it to downstream service calls.
	_ = fmt.Sprintf("Bearer %s", token)
}

Output:

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL