google

package module

v0.0.0-...-75cf163 Latest Latest Go to latest Published: Aug 18, 2023 License: Apache-2.0 Imports: 20 Imported by: 2

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/salrashid123/oauth2

Documentation ¶

Index ¶

Constants
func IdTokenSource(tokenConfig *IdTokenConfig) (oauth2.TokenSource, error)
func NewIDTokenRPCCredential(ctx context.Context, tokenSource oauth2.TokenSource) (credentials.PerRPCCredentials, error)
func VerifyGoogleIDToken(ctx context.Context, token string, aud string) (*oidc.IDToken, error)
type GCEExtension
type IAMExtension
type IdTokenConfig
type TokenSource
- func (ts TokenSource) GetRequestMetadata(ctx context.Context, uri ...string) (map[string]string, error)
- func (ts TokenSource) RequireTransportSecurity() bool

Constants ¶

View Source

const (
	GCEFullFormat = "full"
)

Variables ¶

This section is empty.

Functions ¶

func IdTokenSource ¶

func IdTokenSource(tokenConfig *IdTokenConfig) (oauth2.TokenSource, error)

IdTokenSource returns a TokenSource which returns a GoogleOIDC token

tokenConfig (IdTokenConfig): The root Credential object which will
    be used to generate the IDToken.

https://medium.com/google-cloud/authenticating-using-google-openid-connect-tokens-e7675051213b

func NewIDTokenRPCCredential ¶

func NewIDTokenRPCCredential(ctx context.Context, tokenSource oauth2.TokenSource) (credentials.PerRPCCredentials, error)

NewIDTokenRPCCredential returns a crdential object for use with gRPC clients

func VerifyGoogleIDToken ¶

func VerifyGoogleIDToken(ctx context.Context, token string, aud string) (*oidc.IDToken, error)

VerifyGoogleIDToken verifies the IdToken for expiration, signature against Google's certificates

and the audience it should be issued to
returns false if unverified
TODO: return struct to allow inspection of the actual claims, not just true/false of the
      signature+expiration+audience

Types ¶

type GCEExtension ¶

type GCEExtension struct {
	Format       string
	IncludeEmail bool
}

type IAMExtension ¶

type IAMExtension struct {
	IncludeEmail bool
}

type IdTokenConfig ¶

type IdTokenConfig struct {
	Credentials  *google.Credentials
	Audiences    []string
	GCEExtension GCEExtension
	IAMExtension IAMExtension
}

IdTokeConfig parameters to initialize IdTokenSource

Audience and Credential fields are both required.

type TokenSource ¶

type TokenSource struct {
	oauth2.TokenSource
}

TokenSource here is used to initlaize gRPC Credentials START Section for PerRPCCredentials

func (TokenSource) GetRequestMetadata ¶

func (ts TokenSource) GetRequestMetadata(ctx context.Context, uri ...string) (map[string]string, error)

GetRequestMetadata gets the request metadata as a map from a TokenSource.

func (TokenSource) RequireTransportSecurity ¶

func (ts TokenSource) RequireTransportSecurity() bool

RequireTransportSecurity indicates whether the credentials requires transport security.

Source Files ¶

View all Source files

idtoken.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL