Documentation
¶
Index ¶
- Variables
- func GenerateCodeChallenge(codeVerifier string) string
- func GenerateCodeVerifier() string
- func GenerateSignInUri(option *SignInUriGenerationOptions) (string, error)
- func GenerateSignOutUri(option *SignOutUriGenerationOptions) (string, error)
- func GenerateState() string
- func Revoke(client *http.Client, options *RevocationOptions) error
- func VerifyAndParseCodeFromCallbackUri(callbackUri, redirectUri, state string) (string, error)
- func VerifyIdToken(idToken, clientId, issuer string, jwks *jose.JSONWebKeySet) error
- type CodeTokenResponse
- type FetchTokenByAuthorizationCodeOptions
- type FetchTokenByRefreshTokenOptions
- type IdTokenClaims
- type JwksResponse
- type OidcConfigResponse
- type RefreshTokenResponse
- type RevocationOptions
- type SignInUriGenerationOptions
- type SignOutUriGenerationOptions
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrTokenIssuerNotMatch = errors.New("token issuer not match") ErrTokenAudienceNotMatch = errors.New("token audience not match") ErrTokenExpired = errors.New("token expired") ErrTokenIssuedInTheFuture = errors.New("token issued in the future") ErrTokenIssuedInThePast = errors.New("token issued in the past") ErrCallbackUriNotMatchRedirectUri = errors.New("callback uri not match redirect uri") ErrStateNotMatch = errors.New("state not match") ErrCodeNotFoundInCallbackUri = errors.New("code not found in callback uri") )
View Source
var ISSUED_AT_RESTRICTIONS int64 = 60 // in seconds
Functions ¶
func GenerateCodeChallenge ¶
func GenerateCodeVerifier ¶
func GenerateCodeVerifier() string
func GenerateSignInUri ¶
func GenerateSignInUri(option *SignInUriGenerationOptions) (string, error)
func GenerateSignOutUri ¶
func GenerateSignOutUri(option *SignOutUriGenerationOptions) (string, error)
func GenerateState ¶
func GenerateState() string
func VerifyIdToken ¶
Types ¶
type CodeTokenResponse ¶
type CodeTokenResponse struct {
AccessToken string `json:"access_token"`
RefreshToken string `json:"refresh_token"`
IdToken string `json:"id_token"`
Scope string `json:"scope"`
ExpireIn int `json:"expires_in"`
}
func FetchTokenByAuthorizationCode ¶
func FetchTokenByAuthorizationCode(client *http.Client, options *FetchTokenByAuthorizationCodeOptions) (CodeTokenResponse, error)
type IdTokenClaims ¶
type IdTokenClaims struct {
Sub string `json:"sub"`
Aud string `json:"aud"`
Exp int64 `json:"exp"`
Iat int64 `json:"iat"`
Iss string `json:"iss"`
AtHash string `json:"at_hash"`
Username string `json:"username"`
Name string `json:"name"`
Avatar string `json:"avatar"`
RoleNames []string `json:"role_names"`
}
func DecodeIdToken ¶
func DecodeIdToken(token string) (IdTokenClaims, error)
type JwksResponse ¶
type OidcConfigResponse ¶
type OidcConfigResponse struct {
AuthorizationEndpoint string `json:"authorization_endpoint"`
TokenEndpoint string `json:"token_endpoint"`
EndSessionEndpoint string `json:"end_session_endpoint"`
RevocationEndpoint string `json:"revocation_endpoint"`
JwksUri string `json:"jwks_uri"`
Issuer string `json:"issuer"`
}
func FetchOidcConfig ¶
func FetchOidcConfig(client *http.Client, endpoint string) (OidcConfigResponse, error)
type RefreshTokenResponse ¶
type RefreshTokenResponse = CodeTokenResponse
func FetchTokenByRefreshToken ¶
func FetchTokenByRefreshToken(client *http.Client, options *FetchTokenByRefreshTokenOptions) (RefreshTokenResponse, error)
type RevocationOptions ¶
Source Files
Click to show internal directories.
Click to hide internal directories.