auth

package

v0.2.0 Latest Latest Go to latest Published: Feb 28, 2026 License: MIT Imports: 20 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/sipeed/picoclaw

Links

Open Source Insights

Documentation ¶

Index ¶

func BuildAuthorizeURL(cfg OAuthProviderConfig, pkce PKCECodes, state, redirectURI string) string
func DeleteAllCredentials() error
func DeleteCredential(provider string) error
func GenerateState() (string, error)
func OpenBrowser(url string) error
func SaveStore(store *AuthStore) error
func SetCredential(provider string, cred *AuthCredential) error
type AuthCredential
- func (c *AuthCredential) IsExpired() bool
- func (c *AuthCredential) NeedsRefresh() bool
type AuthStore
- func LoadStore() (*AuthStore, error)
type DeviceCodeInfo
- func RequestDeviceCode(cfg OAuthProviderConfig) (*DeviceCodeInfo, error)
type OAuthProviderConfig
- func GoogleAntigravityOAuthConfig() OAuthProviderConfig
- func OpenAIOAuthConfig() OAuthProviderConfig
type PKCECodes
- func GeneratePKCE() (PKCECodes, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func BuildAuthorizeURL ¶

func BuildAuthorizeURL(cfg OAuthProviderConfig, pkce PKCECodes, state, redirectURI string) string

func DeleteAllCredentials ¶

func DeleteAllCredentials() error

func DeleteCredential ¶

func DeleteCredential(provider string) error

func GenerateState ¶ added in v0.2.0

func GenerateState() (string, error)

GenerateState generates a random state string for OAuth CSRF protection.

func OpenBrowser ¶ added in v0.2.0

func OpenBrowser(url string) error

OpenBrowser opens the given URL in the user's default browser.

func SaveStore ¶

func SaveStore(store *AuthStore) error

func SetCredential ¶

func SetCredential(provider string, cred *AuthCredential) error

Types ¶

type AuthCredential ¶

type AuthCredential struct {
	AccessToken  string    `json:"access_token"`
	RefreshToken string    `json:"refresh_token,omitempty"`
	AccountID    string    `json:"account_id,omitempty"`
	ExpiresAt    time.Time `json:"expires_at,omitempty"`
	Provider     string    `json:"provider"`
	AuthMethod   string    `json:"auth_method"`
	Email        string    `json:"email,omitempty"`
	ProjectID    string    `json:"project_id,omitempty"`
}

func ExchangeCodeForTokens ¶ added in v0.2.0

func ExchangeCodeForTokens(cfg OAuthProviderConfig, code, codeVerifier, redirectURI string) (*AuthCredential, error)

ExchangeCodeForTokens exchanges an authorization code for tokens.

func GetCredential ¶

func GetCredential(provider string) (*AuthCredential, error)

func LoginBrowser ¶

func LoginBrowser(cfg OAuthProviderConfig) (*AuthCredential, error)

func LoginDeviceCode ¶

func LoginDeviceCode(cfg OAuthProviderConfig) (*AuthCredential, error)

func LoginPasteToken ¶

func LoginPasteToken(provider string, r io.Reader) (*AuthCredential, error)

func PollDeviceCodeOnce ¶ added in v0.2.0

func PollDeviceCodeOnce(cfg OAuthProviderConfig, deviceAuthID, userCode string) (*AuthCredential, error)

PollDeviceCodeOnce makes a single poll attempt to check if the user has authenticated. Returns (credential, nil) on success, (nil, nil) if still pending, or (nil, err) on failure.

func RefreshAccessToken ¶

func RefreshAccessToken(cred *AuthCredential, cfg OAuthProviderConfig) (*AuthCredential, error)

func (*AuthCredential) IsExpired ¶

func (c *AuthCredential) IsExpired() bool

func (*AuthCredential) NeedsRefresh ¶

func (c *AuthCredential) NeedsRefresh() bool

type AuthStore ¶

type AuthStore struct {
	Credentials map[string]*AuthCredential `json:"credentials"`
}

func LoadStore ¶

func LoadStore() (*AuthStore, error)

type DeviceCodeInfo ¶ added in v0.2.0

type DeviceCodeInfo struct {
	DeviceAuthID string `json:"device_auth_id"`
	UserCode     string `json:"user_code"`
	VerifyURL    string `json:"verify_url"`
	Interval     int    `json:"interval"`
}

DeviceCodeInfo holds the device code information returned by the OAuth provider.

func RequestDeviceCode ¶ added in v0.2.0

func RequestDeviceCode(cfg OAuthProviderConfig) (*DeviceCodeInfo, error)

RequestDeviceCode requests a device code from the OAuth provider. Returns the info needed for the user to authenticate in a browser.

type OAuthProviderConfig ¶

type OAuthProviderConfig struct {
	Issuer       string
	ClientID     string
	ClientSecret string // Required for Google OAuth (confidential client)
	TokenURL     string // Override token endpoint (Google uses a different URL than issuer)
	Scopes       string
	Originator   string
	Port         int
}

func GoogleAntigravityOAuthConfig ¶ added in v0.2.0

func GoogleAntigravityOAuthConfig() OAuthProviderConfig

GoogleAntigravityOAuthConfig returns the OAuth configuration for Google Cloud Code Assist (Antigravity). Client credentials are the same ones used by OpenCode/pi-ai for Cloud Code Assist access.

func OpenAIOAuthConfig ¶

func OpenAIOAuthConfig() OAuthProviderConfig

type PKCECodes ¶

type PKCECodes struct {
	CodeVerifier  string
	CodeChallenge string
}

func GeneratePKCE ¶

func GeneratePKCE() (PKCECodes, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL