oauth1

package
v1.11.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 6, 2024 License: Apache-2.0 Imports: 15 Imported by: 5

Documentation

Overview

Package oauth1 enables management of OpenStack OAuth1 tokens and Authentication.

Example to Create an OAuth1 Consumer 

createConsumerOpts := oauth1.CreateConsumerOpts{
	Description: "My consumer",
}
consumer, err := oauth1.CreateConsumer(identityClient, createConsumerOpts).Extract()
if err != nil {
	panic(err)
}

// NOTE: Consumer secret is available only on create response
fmt.Printf("Consumer: %+v\n", consumer)

Example to Request an unauthorized OAuth1 token 

requestTokenOpts := oauth1.RequestTokenOpts{
	OAuthConsumerKey:     consumer.ID,
	OAuthConsumerSecret:  consumer.Secret,
	OAuthSignatureMethod: oauth1.HMACSHA1,
	RequestedProjectID:   projectID,
}
requestToken, err := oauth1.RequestToken(identityClient, requestTokenOpts).Extract()
if err != nil {
	panic(err)
}

// NOTE: Request token secret is available only on request response
fmt.Printf("Request token: %+v\n", requestToken)

Example to Authorize an unauthorized OAuth1 token 

authorizeTokenOpts := oauth1.AuthorizeTokenOpts{
	Roles: []oauth1.Role{
		{Name: "member"},
	},
}
authToken, err := oauth1.AuthorizeToken(identityClient, requestToken.OAuthToken, authorizeTokenOpts).Extract()
if err != nil {
	panic(err)
}

fmt.Printf("Verifier ID of the unauthorized Token: %+v\n", authToken.OAuthVerifier)

Example to Create an OAuth1 Access Token 

accessTokenOpts := oauth1.CreateAccessTokenOpts{
	OAuthConsumerKey:     consumer.ID,
	OAuthConsumerSecret:  consumer.Secret,
	OAuthToken:           requestToken.OAuthToken,
	OAuthTokenSecret:     requestToken.OAuthTokenSecret,
	OAuthVerifier:        authToken.OAuthVerifier,
	OAuthSignatureMethod: oauth1.HMACSHA1,
}
accessToken, err := oauth1.CreateAccessToken(identityClient, accessTokenOpts).Extract()
if err != nil {
	panic(err)
}

// NOTE: Access token secret is available only on create response
fmt.Printf("OAuth1 Access Token: %+v\n", accessToken)

Example to List User's OAuth1 Access Tokens 

allPages, err := oauth1.ListAccessTokens(identityClient, userID).AllPages()
if err != nil {
	panic(err)
}
accessTokens, err := oauth1.ExtractAccessTokens(allPages)
if err != nil {
	panic(err)
}

for _, accessToken := range accessTokens {
	fmt.Printf("Access Token: %+v\n", accessToken)
}

Example to Authenticate a client using OAuth1 method 

client, err := openstack.NewClient("http://localhost:5000/v3")
if err != nil {
	panic(err)
}

authOptions := &oauth1.AuthOptions{
	// consumer token, created earlier
	OAuthConsumerKey:    consumer.ID,
	OAuthConsumerSecret: consumer.Secret,
	// access token, created earlier
	OAuthToken:           accessToken.OAuthToken,
	OAuthTokenSecret:     accessToken.OAuthTokenSecret,
	OAuthSignatureMethod: oauth1.HMACSHA1,
}
err = openstack.AuthenticateV3(client, authOptions, gophercloud.EndpointOpts{})
if err != nil {
	panic(err)
}

Example to Create a Token using OAuth1 method 

var oauth1Token struct {
	tokens.Token
	oauth1.TokenExt
}

createOpts := &oauth1.AuthOptions{
	// consumer token, created earlier
	OAuthConsumerKey:    consumer.ID,
	OAuthConsumerSecret: consumer.Secret,
	// access token, created earlier
	OAuthToken:           accessToken.OAuthToken,
	OAuthTokenSecret:     accessToken.OAuthTokenSecret,
	OAuthSignatureMethod: oauth1.HMACSHA1,
}
err := tokens.Create(identityClient, createOpts).ExtractInto(&oauth1Token)
if err != nil {
	panic(err)
}

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Create 

func Create(client *gophercloud.ServiceClient, opts tokens.AuthOptionsBuilder) (r tokens.CreateResult)

Create authenticates and either generates a new OpenStack token from an OAuth1 token.

func ListAccessTokenRoles 

func ListAccessTokenRoles(client *gophercloud.ServiceClient, userID string, id string) pagination.Pager

ListAccessTokenRoles enumerates authorized access token roles.

func ListAccessTokens 

func ListAccessTokens(client *gophercloud.ServiceClient, userID string) pagination.Pager

ListAccessTokens enumerates authorized access tokens.

func ListConsumers 

func ListConsumers(client *gophercloud.ServiceClient) pagination.Pager

List enumerates Consumers.

Types

type AccessToken 

type AccessToken struct {
	ID                string     `json:"id"`
	ConsumerID        string     `json:"consumer_id"`
	ProjectID         string     `json:"project_id"`
	AuthorizingUserID string     `json:"authorizing_user_id"`
	ExpiresAt         *time.Time `json:"-"`
}

AccessToken represents an AccessToken response as a struct.

func ExtractAccessTokens 

func ExtractAccessTokens(r pagination.Page) ([]AccessToken, error)

ExtractAccessTokens returns a slice of AccessTokens contained in a single page of results.

func (*AccessToken) UnmarshalJSON 

func (r *AccessToken) UnmarshalJSON(b []byte) error

type AccessTokenRole 

type AccessTokenRole struct {
	ID       string `json:"id"`
	Name     string `json:"name"`
	DomainID string `json:"domain_id"`
}

AccessTokenRole represents an Access Token Role struct.

func ExtractAccessTokenRoles 

func ExtractAccessTokenRoles(r pagination.Page) ([]AccessTokenRole, error)

ExtractAccessTokenRoles returns a slice of AccessTokenRole contained in a single page of results.

type AccessTokenRolesPage 

type AccessTokenRolesPage struct {
	pagination.LinkedPageBase
}

AccessTokenRolesPage is a single page of Access Token roles results.

func (AccessTokenRolesPage) IsEmpty 

func (r AccessTokenRolesPage) IsEmpty() (bool, error)

IsEmpty determines whether or not a an AccessTokensPage contains any results.

func (AccessTokenRolesPage) NextPageURL 

func (r AccessTokenRolesPage) NextPageURL() (string, error)

NextPageURL extracts the "next" link from the links section of the result.

type AccessTokensPage 

type AccessTokensPage struct {
	pagination.LinkedPageBase
}

AccessTokensPage is a single page of Access Tokens results.

func (AccessTokensPage) IsEmpty 

func (r AccessTokensPage) IsEmpty() (bool, error)

IsEmpty determines whether or not a an AccessTokensPage contains any results.

func (AccessTokensPage) NextPageURL 

func (r AccessTokensPage) NextPageURL() (string, error)

NextPageURL extracts the "next" link from the links section of the result.

type AuthOptions 

type AuthOptions struct {
	// OAuthConsumerKey is the OAuth1 Consumer Key.
	OAuthConsumerKey string `q:"oauth_consumer_key" required:"true"`

	// OAuthConsumerSecret is the OAuth1 Consumer Secret. Used to generate
	// an OAuth1 request signature.
	OAuthConsumerSecret string `required:"true"`

	// OAuthToken is the OAuth1 Request Token.
	OAuthToken string `q:"oauth_token" required:"true"`

	// OAuthTokenSecret is the OAuth1 Request Token Secret. Used to generate
	// an OAuth1 request signature.
	OAuthTokenSecret string `required:"true"`

	// OAuthSignatureMethod is the OAuth1 signature method the Consumer used
	// to sign the request. Supported values are "HMAC-SHA1" or "PLAINTEXT".
	// "PLAINTEXT" is not recommended for production usage.
	OAuthSignatureMethod SignatureMethod `q:"oauth_signature_method" required:"true"`

	// OAuthTimestamp is an OAuth1 request timestamp. If nil, current Unix
	// timestamp will be used.
	OAuthTimestamp *time.Time

	// OAuthNonce is an OAuth1 request nonce. Nonce must be a random string,
	// uniquely generated for each request. Will be generated automatically
	// when it is not set.
	OAuthNonce string `q:"oauth_nonce"`

	// AllowReauth allows Gophercloud to re-authenticate automatically
	// if/when your token expires.
	AllowReauth bool
}

AuthOptions represents options for authenticating a user using OAuth1 tokens.

func (AuthOptions) CanReauth 

func (opts AuthOptions) CanReauth() bool

CanReauth allows AuthOptions to satisfy the tokens.AuthOptionsBuilder interface.

func (AuthOptions) ToTokenV3CreateMap 

func (opts AuthOptions) ToTokenV3CreateMap(map[string]interface{}) (map[string]interface{}, error)

ToTokenV3CreateMap builds a create request body.

func (AuthOptions) ToTokenV3HeadersMap 

func (opts AuthOptions) ToTokenV3HeadersMap(headerOpts map[string]interface{}) (map[string]string, error)

ToTokenV3HeadersMap builds the headers required for an OAuth1-based create request.

func (AuthOptions) ToTokenV3ScopeMap 

func (opts AuthOptions) ToTokenV3ScopeMap() (map[string]interface{}, error)

ToTokenV3ScopeMap allows AuthOptions to satisfy the tokens.AuthOptionsBuilder interface.

type AuthorizeTokenOpts 

type AuthorizeTokenOpts struct {
	Roles []Role `json:"roles"`
}

AuthorizeTokenOpts provides options used to authorize a request token.

func (AuthorizeTokenOpts) ToOAuth1AuthorizeTokenMap 

func (opts AuthorizeTokenOpts) ToOAuth1AuthorizeTokenMap() (map[string]interface{}, error)

ToOAuth1AuthorizeTokenMap formats an AuthorizeTokenOpts into an authorize token request.

type AuthorizeTokenOptsBuilder 

type AuthorizeTokenOptsBuilder interface {
	ToOAuth1AuthorizeTokenMap() (map[string]interface{}, error)
}

AuthorizeTokenOptsBuilder allows extensions to add additional parameters to the AuthorizeToken request.

type AuthorizeTokenResult 

type AuthorizeTokenResult struct {
	gophercloud.Result
}

func AuthorizeToken 

func AuthorizeToken(client *gophercloud.ServiceClient, id string, opts AuthorizeTokenOptsBuilder) (r AuthorizeTokenResult)

AuthorizeToken authorizes an unauthorized consumer token.

func (AuthorizeTokenResult) Extract 

func (r AuthorizeTokenResult) Extract() (*AuthorizedToken, error)

Extract interprets AuthorizeTokenResult result as a AuthorizedToken.

type AuthorizedToken 

type AuthorizedToken struct {
	// OAuthVerifier is the ID of the token verifier.
	OAuthVerifier string `json:"oauth_verifier"`
}

AuthorizedToken contains an OAuth1 authorized token info.

type Consumer 

type Consumer struct {
	ID          string `json:"id"`
	Secret      string `json:"secret"`
	Description string `json:"description"`
}

Consumer represents a delegated authorization request between two identities.

func ExtractConsumers 

func ExtractConsumers(r pagination.Page) ([]Consumer, error)

ExtractConsumers returns a slice of Consumers contained in a single page of results.

type ConsumersPage 

type ConsumersPage struct {
	pagination.LinkedPageBase
}

ConsumersPage is a single page of Region results.

func (ConsumersPage) IsEmpty 

func (c ConsumersPage) IsEmpty() (bool, error)

IsEmpty determines whether or not a page of Consumers contains any results.

func (ConsumersPage) NextPageURL 

func (c ConsumersPage) NextPageURL() (string, error)

NextPageURL extracts the "next" link from the links section of the result.

type CreateAccessTokenOpts 

type CreateAccessTokenOpts struct {
	// OAuthConsumerKey is the OAuth1 Consumer Key.
	OAuthConsumerKey string `q:"oauth_consumer_key" required:"true"`

	// OAuthConsumerSecret is the OAuth1 Consumer Secret. Used to generate
	// an OAuth1 request signature.
	OAuthConsumerSecret string `required:"true"`

	// OAuthToken is the OAuth1 Request Token.
	OAuthToken string `q:"oauth_token" required:"true"`

	// OAuthTokenSecret is the OAuth1 Request Token Secret. Used to generate
	// an OAuth1 request signature.
	OAuthTokenSecret string `required:"true"`

	// OAuthVerifier is the OAuth1 verification code.
	OAuthVerifier string `q:"oauth_verifier" required:"true"`

	// OAuthSignatureMethod is the OAuth1 signature method the Consumer used
	// to sign the request. Supported values are "HMAC-SHA1" or "PLAINTEXT".
	// "PLAINTEXT" is not recommended for production usage.
	OAuthSignatureMethod SignatureMethod `q:"oauth_signature_method" required:"true"`

	// OAuthTimestamp is an OAuth1 request timestamp. If nil, current Unix
	// timestamp will be used.
	OAuthTimestamp *time.Time

	// OAuthNonce is an OAuth1 request nonce. Nonce must be a random string,
	// uniquely generated for each request. Will be generated automatically
	// when it is not set.
	OAuthNonce string `q:"oauth_nonce"`
}

CreateAccessTokenOpts provides options used to create an OAuth1 token.

func (CreateAccessTokenOpts) ToOAuth1CreateAccessTokenHeaders 

func (opts CreateAccessTokenOpts) ToOAuth1CreateAccessTokenHeaders(method, u string) (map[string]string, error)

ToOAuth1CreateAccessTokenHeaders formats a CreateAccessTokenOpts into a map of request headers.

type CreateAccessTokenOptsBuilder 

type CreateAccessTokenOptsBuilder interface {
	ToOAuth1CreateAccessTokenHeaders(string, string) (map[string]string, error)
}

CreateAccessTokenOptsBuilder allows extensions to add additional parameters to the CreateAccessToken request.

type CreateConsumerOpts 

type CreateConsumerOpts struct {
	// Description is the consumer description.
	Description string `json:"description"`
}

CreateConsumerOpts provides options used to create a new Consumer.

func (CreateConsumerOpts) ToOAuth1CreateConsumerMap 

func (opts CreateConsumerOpts) ToOAuth1CreateConsumerMap() (map[string]interface{}, error)

ToOAuth1CreateConsumerMap formats a CreateConsumerOpts into a create request.

type CreateConsumerOptsBuilder 

type CreateConsumerOptsBuilder interface {
	ToOAuth1CreateConsumerMap() (map[string]interface{}, error)
}

CreateConsumerOptsBuilder allows extensions to add additional parameters to the CreateConsumer request.

type CreateConsumerResult 

type CreateConsumerResult struct {
	// contains filtered or unexported fields
}

CreateConsumerResult is the response from a Create operation. Call its Extract method to interpret it as a Consumer.

func CreateConsumer 

func CreateConsumer(client *gophercloud.ServiceClient, opts CreateConsumerOptsBuilder) (r CreateConsumerResult)

Create creates a new Consumer.

func (CreateConsumerResult) Extract 

func (c CreateConsumerResult) Extract() (*Consumer, error)

Extract interprets any consumer result as a Consumer.

type DeleteConsumerResult 

type DeleteConsumerResult struct {
	gophercloud.ErrResult
}

DeleteConsumerResult is the response from a Delete operation. Call its ExtractErr to determine if the request succeeded or failed.

func DeleteConsumer 

func DeleteConsumer(client *gophercloud.ServiceClient, id string) (r DeleteConsumerResult)

Delete deletes a Consumer.

type GetAccessTokenResult 

type GetAccessTokenResult struct {
	gophercloud.Result
}

func GetAccessToken 

func GetAccessToken(client *gophercloud.ServiceClient, userID string, id string) (r GetAccessTokenResult)

GetAccessToken retrieves details on a single OAuth1 access token by an ID.

func (GetAccessTokenResult) Extract 

func (r GetAccessTokenResult) Extract() (*AccessToken, error)

Extract interprets any GetAccessTokenResult result as an AccessToken.

type GetAccessTokenRoleResult 

type GetAccessTokenRoleResult struct {
	gophercloud.Result
}

func GetAccessTokenRole 

func GetAccessTokenRole(client *gophercloud.ServiceClient, userID string, id string, roleID string) (r GetAccessTokenRoleResult)

GetAccessTokenRole retrieves details on a single OAuth1 access token role by an ID.

func (GetAccessTokenRoleResult) Extract 

func (r GetAccessTokenRoleResult) Extract() (*AccessTokenRole, error)

Extract interprets any GetAccessTokenRoleResult result as an AccessTokenRole.

type GetConsumerResult 

type GetConsumerResult struct {
	// contains filtered or unexported fields
}

GetConsumerResult is the response from a Get operation. Call its Extract method to interpret it as a Consumer.

func GetConsumer 

func GetConsumer(client *gophercloud.ServiceClient, id string) (r GetConsumerResult)

GetConsumer retrieves details on a single Consumer by ID.

func (GetConsumerResult) Extract 

func (c GetConsumerResult) Extract() (*Consumer, error)

Extract interprets any consumer result as a Consumer.

type OAuth1 

type OAuth1 struct {
	AccessTokenID string `json:"access_token_id"`
	ConsumerID    string `json:"consumer_id"`
}

OAuth1 is an OAuth1 object, returned in OAuth1 token result.

type RequestTokenOpts 

type RequestTokenOpts struct {
	// OAuthConsumerKey is the OAuth1 Consumer Key.
	OAuthConsumerKey string `q:"oauth_consumer_key" required:"true"`

	// OAuthConsumerSecret is the OAuth1 Consumer Secret. Used to generate
	// an OAuth1 request signature.
	OAuthConsumerSecret string `required:"true"`

	// OAuthSignatureMethod is the OAuth1 signature method the Consumer used
	// to sign the request. Supported values are "HMAC-SHA1" or "PLAINTEXT".
	// "PLAINTEXT" is not recommended for production usage.
	OAuthSignatureMethod SignatureMethod `q:"oauth_signature_method" required:"true"`

	// OAuthTimestamp is an OAuth1 request timestamp. If nil, current Unix
	// timestamp will be used.
	OAuthTimestamp *time.Time

	// OAuthNonce is an OAuth1 request nonce. Nonce must be a random string,
	// uniquely generated for each request. Will be generated automatically
	// when it is not set.
	OAuthNonce string `q:"oauth_nonce"`

	// RequestedProjectID is a Project ID a consumer user requested an
	// access to.
	RequestedProjectID string `h:"Requested-Project-Id"`
}

RequestTokenOpts provides options used to get a consumer unauthorized request token.

func (RequestTokenOpts) ToOAuth1RequestTokenHeaders 

func (opts RequestTokenOpts) ToOAuth1RequestTokenHeaders(method, u string) (map[string]string, error)

ToOAuth1RequestTokenHeaders formats a RequestTokenOpts into a map of request headers.

type RequestTokenOptsBuilder 

type RequestTokenOptsBuilder interface {
	ToOAuth1RequestTokenHeaders(string, string) (map[string]string, error)
}

RequestTokenOptsBuilder allows extensions to add additional parameters to the RequestToken request.

type RevokeAccessTokenResult 

type RevokeAccessTokenResult struct {
	gophercloud.ErrResult
}

RevokeAccessTokenResult is the response from a Delete operation. Call its ExtractErr to determine if the request succeeded or failed.

func RevokeAccessToken 

func RevokeAccessToken(client *gophercloud.ServiceClient, userID string, id string) (r RevokeAccessTokenResult)

RevokeAccessToken revokes an OAuth1 access token.

type Role 

type Role struct {
	ID   string `json:"id,omitempty"`
	Name string `json:"name,omitempty"`
}

Role is a struct representing a role object in a AuthorizeTokenOpts struct.

type SignatureMethod 

type SignatureMethod string

Type SignatureMethod is a OAuth1 SignatureMethod type. 

const (
	// HMACSHA1 is a recommended OAuth1 signature method.
	HMACSHA1 SignatureMethod = "HMAC-SHA1"

	// PLAINTEXT signature method is not recommended to be used in
	// production environment.
	PLAINTEXT SignatureMethod = "PLAINTEXT"

	// OAuth1TokenContentType is a supported content type for an OAuth1
	// token.
	OAuth1TokenContentType = "application/x-www-form-urlencoded"
)

type Token 

type Token struct {
	// OAuthToken is the key value for the oauth token that the Identity API returns.
	OAuthToken string `q:"oauth_token"`
	// OAuthTokenSecret is the secret value associated with the OAuth Token.
	OAuthTokenSecret string `q:"oauth_token_secret"`
	// OAuthExpiresAt is the date and time when an OAuth token expires.
	OAuthExpiresAt *time.Time `q:"-"`
}

Token contains an OAuth1 token.

type TokenExt 

type TokenExt struct {
	OAuth1 OAuth1 `json:"OS-OAUTH1"`
}

TokenExt represents an extension of the base token result.

type TokenResult 

type TokenResult struct {
	gophercloud.Result
	Body []byte
}

TokenResult is a struct to handle "Content-Type: application/x-www-form-urlencoded" response.

func CreateAccessToken 

func CreateAccessToken(client *gophercloud.ServiceClient, opts CreateAccessTokenOptsBuilder) (r TokenResult)

CreateAccessToken creates a new OAuth1 Access Token

func RequestToken 

func RequestToken(client *gophercloud.ServiceClient, opts RequestTokenOptsBuilder) (r TokenResult)

RequestToken requests an unauthorized OAuth1 Token.

func (TokenResult) Extract 

func (r TokenResult) Extract() (*Token, error)

Extract interprets any OAuth1 token result as a Token.

type UpdateConsumerOpts 

type UpdateConsumerOpts struct {
	// Description is the consumer description.
	Description string `json:"description"`
}

UpdateConsumerOpts provides options used to update a consumer.

func (UpdateConsumerOpts) ToOAuth1UpdateConsumerMap 

func (opts UpdateConsumerOpts) ToOAuth1UpdateConsumerMap() (map[string]interface{}, error)

ToOAuth1UpdateConsumerMap formats an UpdateConsumerOpts into a consumer update request.

type UpdateConsumerResult 

type UpdateConsumerResult struct {
	// contains filtered or unexported fields
}

UpdateConsumerResult is the response from a Create operation. Call its Extract method to interpret it as a Consumer.

func UpdateConsumer 

func UpdateConsumer(client *gophercloud.ServiceClient, id string, opts UpdateConsumerOpts) (r UpdateConsumerResult)

UpdateConsumer updates an existing Consumer.

func (UpdateConsumerResult) Extract 

func (c UpdateConsumerResult) Extract() (*Consumer, error)

Extract interprets any consumer result as a Consumer.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.