authapi

package

v0.385.0 Latest Latest Go to latest Published: Apr 24, 2024 License: AGPL-3.0 Imports: 25 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/teamkeel/keel

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func AuthorizeHandler(schema *proto.Schema) common.HandlerFunc
func CallbackHandler(schema *proto.Schema) common.HandlerFunc
func GetClientSecret(ctx context.Context, provider *config.Provider) (string, bool)
func OAuthOpenApiSchema() common.HandlerFunc
func ProvidersHandler(schema *proto.Schema) common.HandlerFunc
func RevokeHandler(schema *proto.Schema) common.HandlerFunc
func TokenEndpointHandler(schema *proto.Schema) common.HandlerFunc
type ErrorResponse
type ProviderResponse
type RevokeEndpointErrorResponse
type TokenResponse

Constants ¶

View Source

const (
	// The request is missing a required parameter, includes an
	// invalid parameter value, includes a parameter more than
	// once, or is otherwise malformed.
	AuthorizationErrInvalidRequest = "invalid_request"
	// The client is not authorized to request an authorization
	// code using this method.
	AuthorizationErrUnauthorizedClient = "unauthorized_client"
	// The resource owner or authorization server denied the
	// request.
	AuthorizationErrAccessDenied = "access_denied"
	// The authorization server encountered an unexpected
	// condition that prevented it from fulfilling the request.
	// (This error code is needed because a 500 Internal Server
	// Error HTTP status code cannot be returned to the client
	// via an HTTP redirect.)
	AuthorizationErrServerError = "server_error"
)

Error response types for the authorization endpoint https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1

View Source

const (
	ArgGrantType          = "grant_type"
	ArgSubjectToken       = "subject_token"
	ArgSubjectTokenType   = "subject_token_type"
	ArgRequestedTokenType = "requested_token_type"
	ArgCode               = "code"
	ArgRefreshToken       = "refresh_token"
	ArgToken              = "token"
	ArgUsername           = "username"
	ArgPassword           = "password"
	ArgCreateIfNotExists  = "create_if_not_exists"
)

https://datatracker.ietf.org/doc/html/rfc6749#section-5.2 https://datatracker.ietf.org/doc/html/rfc7009#section-2.1

View Source

const (
	TokenErrUnsupportedGrantType = "unsupported_grant_type"
	TokenErrInvalidClient        = "invalid_client"
	TokenErrInvalidRequest       = "invalid_request"
)

https://datatracker.ietf.org/doc/html/rfc6749#section-5.2

View Source

const (
	GrantTypeImplicit          = "implicit"
	GrantTypePassword          = "password"
	GrantTypeClientCredentials = "client_credentials"
	GrantTypeAuthCode          = "authorization_code"
	GrantTypeRefreshToken      = "refresh_token"
	GrantTypeTokenExchange     = "token_exchange"
)

View Source

const (
	TokenType = "bearer"
)

Variables ¶

This section is empty.

Functions ¶

func AuthorizeHandler ¶ added in v0.373.0

func AuthorizeHandler(schema *proto.Schema) common.HandlerFunc

AuthorizeHandler is a redirection endpoint that will redirect to the provider's sign-in/auth page

func CallbackHandler ¶ added in v0.373.0

func CallbackHandler(schema *proto.Schema) common.HandlerFunc

CallbackHandler is called by the provider after the authentication process is complete

If there is something wrong with the syntax of the request, such as the redirect_uri or client_id is invalid, then it’s important not to redirect the user and instead you should show the error message directly. This is to avoid letting your authorization server be used as an open redirector.

func GetClientSecret ¶ added in v0.373.0

func GetClientSecret(ctx context.Context, provider *config.Provider) (string, bool)

func OAuthOpenApiSchema ¶ added in v0.380.0

func OAuthOpenApiSchema() common.HandlerFunc

func ProvidersHandler ¶ added in v0.373.0

func ProvidersHandler(schema *proto.Schema) common.HandlerFunc

func RevokeHandler ¶

func RevokeHandler(schema *proto.Schema) common.HandlerFunc

func TokenEndpointHandler ¶

func TokenEndpointHandler(schema *proto.Schema) common.HandlerFunc

TokenEndpointHandler handles requests to the token endpoint for the various grant types we support. OAuth2.0 specification: https://datatracker.ietf.org/doc/html/rfc6749#section-3.2 OpenID Connect specification for Token Endpoint: https://openid.net/specs/openid-connect-standard-1_0-21_orig.html#token_ep

Types ¶

type ErrorResponse ¶

type ErrorResponse struct {
	Error            string `json:"error,omitempty"`
	ErrorDescription string `json:"error_description,omitempty"`
}

https://openid.net/specs/openid-connect-standard-1_0-21_orig.html#AccessTokenErrorResponse https://datatracker.ietf.org/doc/html/rfc7009#section-2.2

type ProviderResponse ¶ added in v0.373.0

type ProviderResponse struct {
	Name         string `json:"name"`
	Type         string `json:"type"`
	AuthorizeUrl string `json:"authorizeUrl"`
	CallbackUrl  string `json:"callbackUrl"`
}

type RevokeEndpointErrorResponse ¶

type RevokeEndpointErrorResponse struct {
	Error            string `json:"error,omitempty"`
	ErrorDescription string `json:"error_description,omitempty"`
}

type TokenResponse ¶

type TokenResponse struct {
	AccessToken  string `json:"access_token"`
	TokenType    string `json:"token_type"`
	ExpiresIn    int    `json:"expires_in"`
	RefreshToken string `json:"refresh_token,omitempty"`
	Created      bool   `json:"identity_created"`
}

https://openid.net/specs/openid-connect-standard-1_0-21_orig.html#AccessTokenResponse

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL