v0.17.0 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Feb 8, 2024 License: BSD-3-Clause Imports: 18 Imported by: 0



Package internal contains support packages for oauth2 package.



This section is empty.


This section is empty.


func ContextClient

func ContextClient(ctx context.Context) *http.Client

func ParseKey

func ParseKey(key []byte) (*rsa.PrivateKey, error)

ParseKey converts the binary contents of a private key file to an *rsa.PrivateKey. It detects whether the private key is in a PEM container or not. If so, it extracts the private key from PEM container before conversion. It only supports PEM containers with no passphrase.

func RegisterBrokenAuthHeaderProvider deprecated

func RegisterBrokenAuthHeaderProvider(tokenURL string)

RegisterBrokenAuthHeaderProvider previously did something. It is now a no-op.

Deprecated: this function no longer does anything. Caller code that wants to avoid potential extra HTTP requests made during auto-probing of the provider's auth style should set Endpoint.AuthStyle.


type AuthStyle

type AuthStyle int

AuthStyle is a copy of the package's AuthStyle type.

const (
	AuthStyleUnknown  AuthStyle = 0
	AuthStyleInParams AuthStyle = 1
	AuthStyleInHeader AuthStyle = 2

type AuthStyleCache added in v0.12.0

type AuthStyleCache struct {
	// contains filtered or unexported fields

AuthStyleCache is the set of tokenURLs we've successfully used via RetrieveToken and which style auth we ended up using. It's called a cache, but it doesn't (yet?) shrink. It's expected that the set of OAuth2 servers a program contacts over time is fixed and small.

type ContextKey

type ContextKey struct{}

ContextKey is just an empty struct. It exists so HTTPClient can be an immutable public variable with a unique type. It's immutable because nobody else can create a ContextKey, being unexported.

var HTTPClient ContextKey

HTTPClient is the context key to use with's WithValue function to associate an *http.Client value with a context.

type LazyAuthStyleCache added in v0.12.0

type LazyAuthStyleCache struct {
	// contains filtered or unexported fields

LazyAuthStyleCache is a backwards compatibility compromise to let Configs have a lazily-initialized AuthStyleCache.

The two users of this, oauth2.Config and oauth2/clientcredentials.Config, both would ideally just embed an unexported AuthStyleCache but because both were historically allowed to be copied by value we can't retroactively add an uncopyable Mutex to them.

We could use an atomic.Pointer, but that was added recently enough (in Go 1.18) that we'd break Go 1.17 users where the tests as of 2023-08-03 still pass. By using an atomic.Value, it supports both Go 1.17 and copying by value, even if that's not ideal.

func (*LazyAuthStyleCache) Get added in v0.12.0

type RetrieveError

type RetrieveError struct {
	Response         *http.Response
	Body             []byte
	ErrorCode        string
	ErrorDescription string
	ErrorURI         string

mirrors oauth2.RetrieveError

func (*RetrieveError) Error

func (r *RetrieveError) Error() string

type Token

type Token struct {
	// AccessToken is the token that authorizes and authenticates
	// the requests.
	AccessToken string

	// TokenType is the type of token.
	// The Type method returns either this or "Bearer", the default.
	TokenType string

	// RefreshToken is a token that's used by the application
	// (as opposed to the user) to refresh the access token
	// if it expires.
	RefreshToken string

	// Expiry is the optional expiration time of the access token.
	// If zero, TokenSource implementations will reuse the same
	// token forever and RefreshToken or equivalent
	// mechanisms for that TokenSource will not be used.
	Expiry time.Time

	// Raw optionally contains extra metadata from the server
	// when updating a token.
	Raw interface{}

Token represents the credentials used to authorize the requests to access protected resources on the OAuth 2.0 provider's backend.

This type is a mirror of oauth2.Token and exists to break an otherwise-circular dependency. Other internal packages should convert this Token into an oauth2.Token before use.

func RetrieveToken

func RetrieveToken(ctx context.Context, clientID, clientSecret, tokenURL string, v url.Values, authStyle AuthStyle, styleCache *AuthStyleCache) (*Token, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL