Documentation

Overview

    Package googleoauth contains some helpers related to Google OAuth2.

    Index

    Constants

    View Source
    const (
    	// TokeninfoEndpoint is Google's token info endpoint.
    	TokeninfoEndpoint = "https://oauth2.googleapis.com/tokeninfo"
    )

    Variables

    View Source
    var ErrBadToken = errors.New("bad token")

      ErrBadToken is returned by GetTokenInfo if the passed token is invalid.

      Functions

      This section is empty.

      Types

      type TokenInfo

      type TokenInfo struct {
      	Azp           string `json:"azp"`
      	Aud           string `json:"aud"`
      	Sub           string `json:"sub"`
      	Scope         string `json:"scope"`
      	Exp           int64  `json:"exp,string"`
      	ExpiresIn     int64  `json:"expires_in,string"`
      	Email         string `json:"email"`
      	EmailVerified bool   `json:"email_verified,string"`
      	AccessType    string `json:"access_type"`
      }

        TokenInfo is information about an access or ID tokens.

        Of primary importance are 'email', 'email_verified', 'scope' and 'aud' fields. If the caller using token info endpoint to validate tokens, it MUST check correctness of these fields.

        func GetTokenInfo

        func GetTokenInfo(c context.Context, params TokenInfoParams) (*TokenInfo, error)

          GetTokenInfo queries token info endpoint and returns information about the token if it is recognized.

          See https://developers.google.com/identity/sign-in/android/backend-auth#calling-the-tokeninfo-endpoint.

          On invalid token (as indicated by 4** HTTP response) returns ErrBadToken. On other HTTP-level errors (e.g HTTP 500) returns transient-wrapped *googleapi.Error. On network-level errors returns them in a transient wrapper.

          type TokenInfoParams

          type TokenInfoParams struct {
          	AccessToken string // an access token to check
          	IDToken     string // an ID token to check (overrides AccessToken)
          
          	Client   *http.Client // non-authenticating client to use for the call
          	Endpoint string       // an endpoint to use instead of the default one
          }

            TokenInfoParams are parameters for GetTokenInfo call.

            Source Files