Documentation ¶
Index ¶
- Constants
- Variables
- func WithBaseURL(u string) func(*Client)
- func WithHTTPClient(h *http.Client) func(*Client)
- func WithJWKProxy(p jwkproxy.Interface) func(*Client)
- func WithJWTParser(p *jwt.Parser) func(*Client)
- type Client
- func (c *Client) AuthURL(mode string, scopes []string, state, nonce string) string
- func (c *Client) ParseIDToken(token string) (*IDTokenClaims, error)
- func (c *Client) ParseIDTokenContext(ctx context.Context, token string) (*IDTokenClaims, error)
- func (c *Client) ValidateCode(code, nonce string, exp time.Duration) (*TokenResponse, error)
- func (c *Client) ValidateCodeContext(ctx context.Context, code, nonce string, exp time.Duration) (*TokenResponse, error)
- func (c *Client) ValidateRefreshToken(token string, exp time.Duration) (*TokenResponse, error)
- func (c *Client) ValidateRefreshTokenContext(ctx context.Context, token string, exp time.Duration) (*TokenResponse, error)
- type ErrorResponse
- type FlexBool
- type IDTokenClaims
- type TokenResponse
Constants ¶
View Source
const ( MaxExpiration = 15777000 * time.Second // half a year ResponseModeQuery = "query" ResponseModePost = "form_post" ScopeEmail = "email" ScopeName = "name" )
View Source
const ( ReasonInvalidRequest = "invalid_request" ReasonInvalidClient = "invalid_client" ReasonInvalidGrant = "invalid_grant" ReasonUnsupportedGrantType = "unsupported_grant_type" ReasonInvalidScope = "invalid_scope" )
Variables ¶
Functions ¶
func WithBaseURL ¶
func WithHTTPClient ¶
func WithJWKProxy ¶
func WithJWTParser ¶
func WithJWTParser(p *jwt.Parser) func(*Client)
Types ¶
type Client ¶
type Client struct { RedirectURL string // contains filtered or unexported fields }
func (*Client) ParseIDToken ¶
func (c *Client) ParseIDToken(token string) (*IDTokenClaims, error)
func (*Client) ParseIDTokenContext ¶
func (*Client) ValidateCode ¶
func (*Client) ValidateCodeContext ¶
func (*Client) ValidateRefreshToken ¶
func (*Client) ValidateRefreshTokenContext ¶
type ErrorResponse ¶
type ErrorResponse struct {
Reason string `json:"error"`
}
ErrorResponse see https://developer.apple.com/documentation/sign_in_with_apple/errorresponse.
func (*ErrorResponse) Error ¶
func (r *ErrorResponse) Error() string
type IDTokenClaims ¶
type IDTokenClaims struct { Iss string `json:"iss"` Sub string `json:"sub"` Aud string `json:"aud"` Iat int64 `json:"iat"` Exp interface{} `json:"exp"` Nonce string `json:"nonce,omitempty"` NonceSupported bool `json:"nonce_supported"` AuthTime int64 `json:"auth_time,omitempty"` AtHash string `json:"at_hash"` Email string `json:"email"` EmailVerified FlexBool `json:"email_verified"` // apple returns as string "true" EmailPrivate FlexBool `json:"is_private_email"` // apple returns as string "true" RealUserStatus int8 `json:"real_user_status"` }
func (*IDTokenClaims) Valid ¶
func (c *IDTokenClaims) Valid(h *jwt.ValidationHelper) error
Valid validates standard claims using jwt.ValidationHelper Validates time based claims "exp" (see: jwt.WithLeeway) Validates "aud" if present in claims. (see: jwt.WithAudience, jwt.WithoutAudienceValidation) Validates "iss" if option is provided (see: jwt.WithIssuer).
type TokenResponse ¶
type TokenResponse struct { ExpiresIn int `json:"expires_in"` IDToken *IDTokenClaims `json:"id_token"` AccessToken string `json:"access_token"` RefreshToken string `json:"refresh_token"` TokenType string `json:"token_type"` }
Source Files ¶
Click to show internal directories.
Click to hide internal directories.