Documentation
¶
Index ¶
- func BuildAuthorizeURL(cfg OAuthProviderConfig, pkce PKCECodes, state, redirectURI string) string
- func DeleteAllCredentials() error
- func DeleteCredential(provider string) error
- func GenerateState() (string, error)
- func OpenBrowser(url string) error
- func SaveStore(store *AuthStore) error
- func SetCredential(provider string, cred *AuthCredential) error
- type AuthCredential
- func ExchangeCodeForTokens(cfg OAuthProviderConfig, code, codeVerifier, redirectURI string) (*AuthCredential, error)
- func GetCredential(provider string) (*AuthCredential, error)
- func LoginBrowser(cfg OAuthProviderConfig) (*AuthCredential, error)
- func LoginDeviceCode(cfg OAuthProviderConfig) (*AuthCredential, error)
- func LoginPasteToken(provider string, r io.Reader) (*AuthCredential, error)
- func PollDeviceCodeOnce(cfg OAuthProviderConfig, deviceAuthID, userCode string) (*AuthCredential, error)
- func RefreshAccessToken(cred *AuthCredential, cfg OAuthProviderConfig) (*AuthCredential, error)
- type AuthStore
- type DeviceCodeInfo
- type OAuthProviderConfig
- type PKCECodes
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BuildAuthorizeURL ¶
func BuildAuthorizeURL(cfg OAuthProviderConfig, pkce PKCECodes, state, redirectURI string) string
func DeleteAllCredentials ¶
func DeleteAllCredentials() error
func DeleteCredential ¶
func GenerateState ¶ added in v0.2.0
GenerateState generates a random state string for OAuth CSRF protection.
func OpenBrowser ¶ added in v0.2.0
OpenBrowser opens the given URL in the user's default browser.
func SetCredential ¶
func SetCredential(provider string, cred *AuthCredential) error
Types ¶
type AuthCredential ¶
type AuthCredential struct {
AccessToken string `json:"access_token"`
RefreshToken string `json:"refresh_token,omitempty"`
AccountID string `json:"account_id,omitempty"`
ExpiresAt time.Time `json:"expires_at,omitempty"`
Provider string `json:"provider"`
AuthMethod string `json:"auth_method"`
Email string `json:"email,omitempty"`
ProjectID string `json:"project_id,omitempty"`
}
func ExchangeCodeForTokens ¶ added in v0.2.0
func ExchangeCodeForTokens(cfg OAuthProviderConfig, code, codeVerifier, redirectURI string) (*AuthCredential, error)
ExchangeCodeForTokens exchanges an authorization code for tokens.
func GetCredential ¶
func GetCredential(provider string) (*AuthCredential, error)
func LoginBrowser ¶
func LoginBrowser(cfg OAuthProviderConfig) (*AuthCredential, error)
func LoginDeviceCode ¶
func LoginDeviceCode(cfg OAuthProviderConfig) (*AuthCredential, error)
func LoginPasteToken ¶
func LoginPasteToken(provider string, r io.Reader) (*AuthCredential, error)
func PollDeviceCodeOnce ¶ added in v0.2.0
func PollDeviceCodeOnce(cfg OAuthProviderConfig, deviceAuthID, userCode string) (*AuthCredential, error)
PollDeviceCodeOnce makes a single poll attempt to check if the user has authenticated. Returns (credential, nil) on success, (nil, nil) if still pending, or (nil, err) on failure.
func RefreshAccessToken ¶
func RefreshAccessToken(cred *AuthCredential, cfg OAuthProviderConfig) (*AuthCredential, error)
func (*AuthCredential) IsExpired ¶
func (c *AuthCredential) IsExpired() bool
func (*AuthCredential) NeedsRefresh ¶
func (c *AuthCredential) NeedsRefresh() bool
type AuthStore ¶
type AuthStore struct {
Credentials map[string]*AuthCredential `json:"credentials"`
}
type DeviceCodeInfo ¶ added in v0.2.0
type DeviceCodeInfo struct {
DeviceAuthID string `json:"device_auth_id"`
UserCode string `json:"user_code"`
VerifyURL string `json:"verify_url"`
Interval int `json:"interval"`
}
DeviceCodeInfo holds the device code information returned by the OAuth provider.
func RequestDeviceCode ¶ added in v0.2.0
func RequestDeviceCode(cfg OAuthProviderConfig) (*DeviceCodeInfo, error)
RequestDeviceCode requests a device code from the OAuth provider. Returns the info needed for the user to authenticate in a browser.
type OAuthProviderConfig ¶
type OAuthProviderConfig struct {
Issuer string
ClientID string
ClientSecret string // Required for Google OAuth (confidential client)
TokenURL string // Override token endpoint (Google uses a different URL than issuer)
Scopes string
Originator string
Port int
}
func GoogleAntigravityOAuthConfig ¶ added in v0.2.0
func GoogleAntigravityOAuthConfig() OAuthProviderConfig
GoogleAntigravityOAuthConfig returns the OAuth configuration for Google Cloud Code Assist (Antigravity). Client credentials are the same ones used by OpenCode/pi-ai for Cloud Code Assist access.
func OpenAIOAuthConfig ¶
func OpenAIOAuthConfig() OAuthProviderConfig