import "github.com/luci/luci-go/common/gcloud/googleoauth"
Package googleoauth contains some helpers related to Google OAuth2.
const (
// TokeninfoEndpoint is Google's token info endpoint.
TokeninfoEndpoint = "https://oauth2.googleapis.com/tokeninfo"
)ErrBadToken is returned by GetTokenInfo if the passed token is invalid.
type TokenInfo struct {
Azp string `json:"azp"`
Aud string `json:"aud"`
Sub string `json:"sub"`
Scope string `json:"scope"`
Exp int64 `json:"exp,string"`
ExpiresIn int64 `json:"expires_in,string"`
Email string `json:"email"`
EmailVerified bool `json:"email_verified,string"`
AccessType string `json:"access_type"`
}TokenInfo is information about an access or ID tokens.
Of primary importance are 'email', 'email_verified', 'scope' and 'aud' fields. If the caller using token info endpoint to validate tokens, it MUST check correctness of these fields.
GetTokenInfo queries token info endpoint and returns information about the token if it is recognized.
See https://developers.google.com/identity/sign-in/android/backend-auth#calling-the-tokeninfo-endpoint.
On invalid token (as indicated by 4** HTTP response) returns ErrBadToken. On other HTTP-level errors (e.g HTTP 500) returns transient-wrapped *googleapi.Error. On network-level errors returns them in a transient wrapper.
type TokenInfoParams struct {
AccessToken string // an access token to check
IDToken string // an ID token to check (overrides AccessToken)
Client *http.Client // non-authenticating client to use for the call
Endpoint string // an endpoint to use instead of the default one
}TokenInfoParams are parameters for GetTokenInfo call.
Package googleoauth imports 9 packages (graph) and is imported by 2 packages. Updated 2020-07-07. Refresh now. Tools for package owners.