auth

package
v0.16.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 15, 2026 License: MIT Imports: 19 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	ClaudeClientID        = "9d1c250a-e61b-44d9-88ed-5944d1962f5e"
	ClaudeAuthorizeURL    = "https://claude.ai/oauth/authorize"
	ClaudeTokenURL        = "https://platform.claude.com/v1/oauth/token"
	ClaudeProfileURL      = "https://api.anthropic.com/api/oauth/profile"
	ClaudeOAuthBetaHeader = "oauth-2025-04-20"
	ClaudeOAuthScopes     = "user:file_upload user:inference user:mcp_servers user:profile user:sessions:claude_code"
)
View Source 
const (
	CopilotClientID = "Ov23li8tweQw6odWQebz"
)

Variables

This section is empty.

Functions

func CheckCopilotModelsAPI 

func CheckCopilotModelsAPI(token, baseURL string) error

CheckCopilotModelsAPI verifies that the Copilot models API endpoint is reachable using the provided bearer token and base URL.

func ClaudeLogout added in v0.16.0 

func ClaudeLogout() error

ClaudeLogout removes pando's Claude credential file.

func CopilotAPIBaseURL 

func CopilotAPIBaseURL(enterpriseURL string) string

func CopilotDeviceFlowInstructions 

func CopilotDeviceFlowInstructions(deviceCode CopilotDeviceCode) string

func CopilotSessionFilePath 

func CopilotSessionFilePath() (string, error)

func DeleteCopilotSession 

func DeleteCopilotSession() error

func IsClaudeTokenExpired added in v0.16.0 

func IsClaudeTokenExpired(creds *ClaudeCredentials) bool

IsClaudeTokenExpired returns true if the token expires within the next 5 minutes.

func LoadGitHubOAuthToken 

func LoadGitHubOAuthToken() (string, error)

func NormalizeGitHubDomain 

func NormalizeGitHubDomain(value string) string

func OpenBrowser 

func OpenBrowser(url string) error

func SaveClaudeCredentials added in v0.16.0 

func SaveClaudeCredentials(creds *ClaudeCredentials) error

SaveClaudeCredentials saves Claude credentials to pando's config directory.

func SaveCopilotSession 

func SaveCopilotSession(session CopilotSession) error

func ValidateCopilotToken 

func ValidateCopilotToken(ctx context.Context, session CopilotSession) error

Types

type ClaudeAuthStatus added in v0.16.0 

type ClaudeAuthStatus struct {
	Authenticated    bool
	AccessToken      string
	SubscriptionType string
	DisplayName      string
	Email            string
	Source           string // "env", "pando", or "claude-code"
}

ClaudeAuthStatus holds the authentication status for Claude.

func GetClaudeAuthStatus added in v0.16.0 

func GetClaudeAuthStatus() (*ClaudeAuthStatus, error)

GetClaudeAuthStatus loads credentials and returns the current authentication status.

type ClaudeCredentials added in v0.16.0 

type ClaudeCredentials struct {
	ClaudeAiOauth    *ClaudeOAuthToken `json:"claudeAiOauth"`
	OrganizationUUID string            `json:"organizationUuid,omitempty"`
}

ClaudeCredentials holds the OAuth credentials for Claude.

func ClaudeLogin added in v0.16.0 

func ClaudeLogin() (*ClaudeCredentials, string, error)

ClaudeLogin performs the full PKCE OAuth2 flow for Claude. Returns credentials, display name, and any error.

func GetValidClaudeToken added in v0.16.0 

func GetValidClaudeToken(creds *ClaudeCredentials) (string, *ClaudeCredentials, error)

GetValidClaudeToken returns a valid access token, refreshing if needed. Returns (accessToken, updatedCreds, error); updatedCreds is non-nil only when refreshed.

func LoadClaudeCredentials added in v0.16.0 

func LoadClaudeCredentials() (*ClaudeCredentials, string, error)

LoadClaudeCredentials loads Claude credentials with the following priority:

  1. CLAUDE_CODE_OAUTH_TOKEN env var → synthetic credentials
  2. ANTHROPIC_API_KEY env var → nil (API key mode)
  3. ~/.config/pando/auth/claude.json (pando's own store)
  4. ~/.claude/.credentials.json (read-only fallback from Claude Code)

Returns (creds, source, error) where source is "env", "pando", or "claude-code".

func RefreshClaudeToken added in v0.16.0 

func RefreshClaudeToken(creds *ClaudeCredentials) (*ClaudeCredentials, error)

RefreshClaudeToken uses the refresh token to obtain a new access token.

type ClaudeOAuthToken added in v0.16.0 

type ClaudeOAuthToken struct {
	AccessToken      string   `json:"accessToken"`
	RefreshToken     string   `json:"refreshToken,omitempty"`
	ExpiresAt        int64    `json:"expiresAt"` // Unix milliseconds
	Scopes           []string `json:"scopes,omitempty"`
	SubscriptionType string   `json:"subscriptionType,omitempty"`
	RateLimitTier    string   `json:"rateLimitTier,omitempty"`
}

ClaudeOAuthToken holds the OAuth token details.

type ClaudeProfile added in v0.16.0 

type ClaudeProfile struct {
	DisplayName  string `json:"display_name"`
	EmailAddress string `json:"email_address"`
}

ClaudeProfile holds the user profile from Claude API.

func GetClaudeProfile added in v0.16.0 

func GetClaudeProfile(accessToken string) (*ClaudeProfile, error)

GetClaudeProfile fetches the user profile from the Claude API.

type CopilotAuthStatus 

type CopilotAuthStatus struct {
	Authenticated bool
	Source        string
	EnterpriseURL string
	Message       string
}

func GetCopilotAuthStatus 

func GetCopilotAuthStatus() CopilotAuthStatus

type CopilotDeviceCode 

type CopilotDeviceCode struct {
	DeviceCode      string `json:"device_code"`
	UserCode        string `json:"user_code"`
	VerificationURI string `json:"verification_uri"`
	Interval        int    `json:"interval"`
	ExpiresIn       int    `json:"expires_in"`
}

func StartCopilotDeviceFlow 

func StartCopilotDeviceFlow(ctx context.Context, enterpriseURL string) (*CopilotDeviceCode, error)

type CopilotSession 

type CopilotSession struct {
	Provider      string `json:"provider,omitempty"`
	AccessToken   string `json:"access_token"`
	TokenType     string `json:"token_type,omitempty"`
	Scope         string `json:"scope,omitempty"`
	ExpiresAt     int64  `json:"expires_at,omitempty"`
	EnterpriseURL string `json:"enterprise_url,omitempty"`
	CreatedAt     int64  `json:"created_at,omitempty"`
}

func CompleteCopilotDeviceFlow 

func CompleteCopilotDeviceFlow(ctx context.Context, enterpriseURL string, deviceCode *CopilotDeviceCode) (*CopilotSession, error)

func LoadCopilotSession 

func LoadCopilotSession() (*CopilotSession, error)

func PollCopilotDeviceFlow 

func PollCopilotDeviceFlow(ctx context.Context, enterpriseURL string, deviceCode *CopilotDeviceCode) (*CopilotSession, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.