oauth2

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 16, 2016 License: Apache-2.0 Imports: 12 Imported by: 212

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessTokenStorage 

type AccessTokenStorage interface {
	CreateAccessTokenSession(ctx context.Context, signature string, request fosite.Requester) (err error)

	GetAccessTokenSession(ctx context.Context, signature string, session interface{}) (request fosite.Requester, err error)

	DeleteAccessTokenSession(ctx context.Context, signature string) (err error)
}

type AccessTokenStrategy 

type AccessTokenStrategy interface {
	AccessTokenSignature(token string) string
	GenerateAccessToken(ctx context.Context, requester fosite.Requester) (token string, signature string, err error)
	ValidateAccessToken(ctx context.Context, requester fosite.Requester, token string) (err error)
}

type AuthorizeCodeGrantStorage 

type AuthorizeCodeGrantStorage interface {
	AuthorizeCodeStorage

	PersistAuthorizeCodeGrantSession(ctx context.Context, authorizeCode, accessSignature, refreshSignature string, request fosite.Requester) error
}

type AuthorizeCodeStorage 

type AuthorizeCodeStorage interface {
	CreateAuthorizeCodeSession(ctx context.Context, code string, request fosite.Requester) (err error)

	GetAuthorizeCodeSession(ctx context.Context, code string, session interface{}) (request fosite.Requester, err error)

	DeleteAuthorizeCodeSession(ctx context.Context, code string) (err error)
}

type AuthorizeCodeStrategy 

type AuthorizeCodeStrategy interface {
	AuthorizeCodeSignature(token string) string
	GenerateAuthorizeCode(ctx context.Context, requester fosite.Requester) (token string, signature string, err error)
	ValidateAuthorizeCode(ctx context.Context, requester fosite.Requester, token string) (err error)
}

type AuthorizeExplicitGrantHandler 

type AuthorizeExplicitGrantHandler struct {
	AccessTokenStrategy   AccessTokenStrategy
	RefreshTokenStrategy  RefreshTokenStrategy
	AuthorizeCodeStrategy AuthorizeCodeStrategy

	// AuthorizeCodeGrantStorage is used to persist session data across requests.
	AuthorizeCodeGrantStorage AuthorizeCodeGrantStorage

	// AuthCodeLifespan defines the lifetime of an authorize code.
	AuthCodeLifespan time.Duration

	// AccessTokenLifespan defines the lifetime of an access token.
	AccessTokenLifespan time.Duration

	ScopeStrategy fosite.ScopeStrategy
}

AuthorizeExplicitGrantTypeHandler is a response handler for the Authorize Code grant using the explicit grant type as defined in https://tools.ietf.org/html/rfc6749#section-4.1

func (*AuthorizeExplicitGrantHandler) HandleAuthorizeEndpointRequest 

func (c *AuthorizeExplicitGrantHandler) HandleAuthorizeEndpointRequest(ctx context.Context, req *http.Request, ar fosite.AuthorizeRequester, resp fosite.AuthorizeResponder) error

func (*AuthorizeExplicitGrantHandler) HandleTokenEndpointRequest 

func (c *AuthorizeExplicitGrantHandler) HandleTokenEndpointRequest(ctx context.Context, r *http.Request, request fosite.AccessRequester) error

HandleTokenEndpointRequest implements * https://tools.ietf.org/html/rfc6749#section-4.1.3 (everything)

func (*AuthorizeExplicitGrantHandler) IssueAuthorizeCode 

func (c *AuthorizeExplicitGrantHandler) IssueAuthorizeCode(ctx context.Context, req *http.Request, ar fosite.AuthorizeRequester, resp fosite.AuthorizeResponder) error

func (*AuthorizeExplicitGrantHandler) PopulateTokenEndpointResponse 

func (c *AuthorizeExplicitGrantHandler) PopulateTokenEndpointResponse(ctx context.Context, req *http.Request, requester fosite.AccessRequester, responder fosite.AccessResponder) error

type AuthorizeImplicitGrantTypeHandler 

type AuthorizeImplicitGrantTypeHandler struct {
	AccessTokenStrategy AccessTokenStrategy

	// ImplicitGrantStorage is used to persist session data across requests.
	AccessTokenStorage AccessTokenStorage

	// AccessTokenLifespan defines the lifetime of an access token.
	AccessTokenLifespan time.Duration

	ScopeStrategy fosite.ScopeStrategy
}

AuthorizeImplicitGrantTypeHandler is a response handler for the Authorize Code grant using the implicit grant type as defined in https://tools.ietf.org/html/rfc6749#section-4.2

func (*AuthorizeImplicitGrantTypeHandler) HandleAuthorizeEndpointRequest 

func (c *AuthorizeImplicitGrantTypeHandler) HandleAuthorizeEndpointRequest(ctx context.Context, req *http.Request, ar fosite.AuthorizeRequester, resp fosite.AuthorizeResponder) error

func (*AuthorizeImplicitGrantTypeHandler) IssueImplicitAccessToken 

func (c *AuthorizeImplicitGrantTypeHandler) IssueImplicitAccessToken(ctx context.Context, req *http.Request, ar fosite.AuthorizeRequester, resp fosite.AuthorizeResponder) error

type ClientCredentialsGrantHandler 

type ClientCredentialsGrantHandler struct {
	*HandleHelper
	ScopeStrategy fosite.ScopeStrategy
}

func (*ClientCredentialsGrantHandler) HandleTokenEndpointRequest 

func (c *ClientCredentialsGrantHandler) HandleTokenEndpointRequest(_ context.Context, r *http.Request, request fosite.AccessRequester) error

IntrospectTokenEndpointRequest implements https://tools.ietf.org/html/rfc6749#section-4.4.2

func (*ClientCredentialsGrantHandler) PopulateTokenEndpointResponse 

func (c *ClientCredentialsGrantHandler) PopulateTokenEndpointResponse(ctx context.Context, r *http.Request, request fosite.AccessRequester, response fosite.AccessResponder) error

PopulateTokenEndpointResponse implements https://tools.ietf.org/html/rfc6749#section-4.4.3

type ClientCredentialsGrantStorage 

type ClientCredentialsGrantStorage interface {
	AccessTokenStorage
}

type CoreStorage 

type CoreStorage interface {
	AuthorizeCodeStorage
	AccessTokenStorage
	RefreshTokenStorage
}

type CoreStrategy 

type CoreStrategy interface {
	AccessTokenStrategy
	RefreshTokenStrategy
	AuthorizeCodeStrategy
}

type CoreValidator 

type CoreValidator struct {
	CoreStrategy
	CoreStorage
	ScopeStrategy fosite.ScopeStrategy
}

func (*CoreValidator) IntrospectToken added in v0.4.0 

func (c *CoreValidator) IntrospectToken(ctx context.Context, token string, tokenType fosite.TokenType, accessRequest fosite.AccessRequester, scopes []string) (err error)

type HMACSHAStrategy 

type HMACSHAStrategy struct {
	Enigma                *enigma.HMACStrategy
	AccessTokenLifespan   time.Duration
	AuthorizeCodeLifespan time.Duration
}

func (HMACSHAStrategy) AccessTokenSignature 

func (h HMACSHAStrategy) AccessTokenSignature(token string) string

func (HMACSHAStrategy) AuthorizeCodeSignature 

func (h HMACSHAStrategy) AuthorizeCodeSignature(token string) string

func (HMACSHAStrategy) GenerateAccessToken 

func (h HMACSHAStrategy) GenerateAccessToken(_ context.Context, _ fosite.Requester) (token string, signature string, err error)

func (HMACSHAStrategy) GenerateAuthorizeCode 

func (h HMACSHAStrategy) GenerateAuthorizeCode(_ context.Context, _ fosite.Requester) (token string, signature string, err error)

func (HMACSHAStrategy) GenerateRefreshToken 

func (h HMACSHAStrategy) GenerateRefreshToken(_ context.Context, _ fosite.Requester) (token string, signature string, err error)

func (HMACSHAStrategy) RefreshTokenSignature 

func (h HMACSHAStrategy) RefreshTokenSignature(token string) string

func (HMACSHAStrategy) ValidateAccessToken 

func (h HMACSHAStrategy) ValidateAccessToken(_ context.Context, r fosite.Requester, token string) (err error)

func (HMACSHAStrategy) ValidateAuthorizeCode 

func (h HMACSHAStrategy) ValidateAuthorizeCode(_ context.Context, r fosite.Requester, token string) (err error)

func (HMACSHAStrategy) ValidateRefreshToken 

func (h HMACSHAStrategy) ValidateRefreshToken(_ context.Context, _ fosite.Requester, token string) (err error)

type HMACSession 

type HMACSession struct {
	AccessTokenExpiry   time.Time
	AuthorizeCodeExpiry time.Time
}

HMACSession Container for the HMAC session.

func (*HMACSession) AccessTokenExpiresAt 

func (s *HMACSession) AccessTokenExpiresAt(fallback time.Time) time.Time

func (*HMACSession) AuthorizeCodeExpiresAt 

func (s *HMACSession) AuthorizeCodeExpiresAt(fallback time.Time) time.Time

type HMACSessionContainer 

type HMACSessionContainer interface {
	// AccessTokenExpiresAt returns the access token's expiry.
	AccessTokenExpiresAt(fallback time.Time) time.Time

	// AccessTokenExpiresAt returns the authorize code's expiry.
	AuthorizeCodeExpiresAt(fallback time.Time) time.Time
}

type HandleHelper 

type HandleHelper struct {
	AccessTokenStrategy AccessTokenStrategy
	AccessTokenStorage  AccessTokenStorage
	AccessTokenLifespan time.Duration
}

func (*HandleHelper) IssueAccessToken 

func (h *HandleHelper) IssueAccessToken(ctx context.Context, req *http.Request, requester fosite.AccessRequester, responder fosite.AccessResponder) error

type ImplicitGrantStorage 

type ImplicitGrantStorage interface {
	CreateImplicitAccessTokenSession(ctx context.Context, token string, request fosite.Requester) (err error)
}

type JWTSession 

type JWTSession struct {
	JWTClaims *jwt.JWTClaims
	JWTHeader *jwt.Headers
}

JWTSession Container for the JWT session.

func (*JWTSession) GetJWTClaims 

func (j *JWTSession) GetJWTClaims() *jwt.JWTClaims

func (*JWTSession) GetJWTHeader 

func (j *JWTSession) GetJWTHeader() *jwt.Headers

type JWTSessionContainer 

type JWTSessionContainer interface {
	// GetJWTClaims returns the claims.
	GetJWTClaims() *jwt.JWTClaims

	// GetJWTHeader returns the header.
	GetJWTHeader() *jwt.Headers
}

type RS256JWTStrategy 

type RS256JWTStrategy struct {
	*jwt.RS256JWTStrategy
}

RS256JWTStrategy is a JWT RS256 strategy.

func (RS256JWTStrategy) AccessTokenSignature 

func (h RS256JWTStrategy) AccessTokenSignature(token string) string

func (RS256JWTStrategy) AuthorizeCodeSignature 

func (h RS256JWTStrategy) AuthorizeCodeSignature(token string) string

func (*RS256JWTStrategy) GenerateAccessToken 

func (h *RS256JWTStrategy) GenerateAccessToken(_ context.Context, requester fosite.Requester) (token string, signature string, err error)

func (*RS256JWTStrategy) GenerateAuthorizeCode 

func (h *RS256JWTStrategy) GenerateAuthorizeCode(_ context.Context, requester fosite.Requester) (token string, signature string, err error)

func (*RS256JWTStrategy) GenerateRefreshToken 

func (h *RS256JWTStrategy) GenerateRefreshToken(_ context.Context, requester fosite.Requester) (token string, signature string, err error)

func (RS256JWTStrategy) RefreshTokenSignature 

func (h RS256JWTStrategy) RefreshTokenSignature(token string) string

func (*RS256JWTStrategy) ValidateAccessToken 

func (h *RS256JWTStrategy) ValidateAccessToken(_ context.Context, _ fosite.Requester, token string) error

func (*RS256JWTStrategy) ValidateAuthorizeCode 

func (h *RS256JWTStrategy) ValidateAuthorizeCode(_ context.Context, requester fosite.Requester, token string) error

func (*RS256JWTStrategy) ValidateRefreshToken 

func (h *RS256JWTStrategy) ValidateRefreshToken(_ context.Context, _ fosite.Requester, token string) error

type RefreshTokenGrantHandler 

type RefreshTokenGrantHandler struct {
	AccessTokenStrategy AccessTokenStrategy

	RefreshTokenStrategy RefreshTokenStrategy

	// RefreshTokenGrantStorage is used to persist session data across requests.
	RefreshTokenGrantStorage RefreshTokenGrantStorage

	// AccessTokenLifespan defines the lifetime of an access token.
	AccessTokenLifespan time.Duration
}

func (*RefreshTokenGrantHandler) HandleTokenEndpointRequest 

func (c *RefreshTokenGrantHandler) HandleTokenEndpointRequest(ctx context.Context, req *http.Request, request fosite.AccessRequester) error

HandleTokenEndpointRequest implements https://tools.ietf.org/html/rfc6749#section-6

func (*RefreshTokenGrantHandler) PopulateTokenEndpointResponse 

func (c *RefreshTokenGrantHandler) PopulateTokenEndpointResponse(ctx context.Context, req *http.Request, requester fosite.AccessRequester, responder fosite.AccessResponder) error

PopulateTokenEndpointResponse implements https://tools.ietf.org/html/rfc6749#section-6

type RefreshTokenGrantStorage 

type RefreshTokenGrantStorage interface {
	RefreshTokenStorage
	PersistRefreshTokenGrantSession(ctx context.Context, requestRefreshSignature, accessSignature, refreshSignature string, request fosite.Requester) error
}

type RefreshTokenStorage 

type RefreshTokenStorage interface {
	CreateRefreshTokenSession(ctx context.Context, signature string, request fosite.Requester) (err error)

	GetRefreshTokenSession(ctx context.Context, signature string, session interface{}) (request fosite.Requester, err error)

	DeleteRefreshTokenSession(ctx context.Context, signature string) (err error)
}

type RefreshTokenStrategy 

type RefreshTokenStrategy interface {
	RefreshTokenSignature(token string) string
	GenerateRefreshToken(ctx context.Context, requester fosite.Requester) (token string, signature string, err error)
	ValidateRefreshToken(ctx context.Context, requester fosite.Requester, token string) (err error)
}

type ResourceOwnerPasswordCredentialsGrantHandler 

type ResourceOwnerPasswordCredentialsGrantHandler struct {
	// ResourceOwnerPasswordCredentialsGrantStorage is used to persist session data across requests.
	ResourceOwnerPasswordCredentialsGrantStorage ResourceOwnerPasswordCredentialsGrantStorage

	RefreshTokenStrategy RefreshTokenStrategy
	ScopeStrategy        fosite.ScopeStrategy

	*HandleHelper
}

func (*ResourceOwnerPasswordCredentialsGrantHandler) HandleTokenEndpointRequest 

func (c *ResourceOwnerPasswordCredentialsGrantHandler) HandleTokenEndpointRequest(ctx context.Context, req *http.Request, request fosite.AccessRequester) error

HandleTokenEndpointRequest implements https://tools.ietf.org/html/rfc6749#section-4.3.2

func (*ResourceOwnerPasswordCredentialsGrantHandler) PopulateTokenEndpointResponse 

func (c *ResourceOwnerPasswordCredentialsGrantHandler) PopulateTokenEndpointResponse(ctx context.Context, req *http.Request, requester fosite.AccessRequester, responder fosite.AccessResponder) error

PopulateTokenEndpointResponse implements https://tools.ietf.org/html/rfc6749#section-4.3.3

type ResourceOwnerPasswordCredentialsGrantStorage 

type ResourceOwnerPasswordCredentialsGrantStorage interface {
	Authenticate(ctx context.Context, name string, secret string) error
	AccessTokenStorage
	RefreshTokenStorage
}

type TokenRevocationHandler added in v0.4.0 

type TokenRevocationHandler struct {
	TokenRevocationStorage TokenRevocationStorage
	RefreshTokenStrategy   RefreshTokenStrategy
	AccessTokenStrategy    AccessTokenStrategy
}

func (*TokenRevocationHandler) RevokeToken added in v0.4.0 

func (r *TokenRevocationHandler) RevokeToken(ctx context.Context, token string, tokenType fosite.TokenType) error

RevokeToken implements https://tools.ietf.org/html/rfc7009#section-2.1 The token type hint indicates which token type check should be performed first.

type TokenRevocationStorage added in v0.4.0 

type TokenRevocationStorage interface {
	RefreshTokenStorage
	AccessTokenStorage

	// RevokeRefreshToken revokes a refresh token as specified in:
	// https://tools.ietf.org/html/rfc7009#section-2.1
	// If the particular
	// token is a refresh token and the authorization server supports the
	// revocation of access tokens, then the authorization server SHOULD
	// also invalidate all access tokens based on the same authorization
	// grant (see Implementation Note).
	RevokeRefreshToken(ctx context.Context, requestID string) error

	// RevokeAccessToken revokes an access token as specified in:
	// https://tools.ietf.org/html/rfc7009#section-2.1
	// If the token passed to the request
	// is an access token, the server MAY revoke the respective refresh
	// token as well.
	RevokeAccessToken(ctx context.Context, requestID string) error
}

TokenRevocationStorage provides the storage implementation as specified in: https://tools.ietf.org/html/rfc7009

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.