Documentation
¶
Index ¶
- Variables
- type AuthenticationOAuth2ClientCredentialsRequest
- type AuthenticationOAuth2IntrospectionRequest
- type Authenticator
- type DefaultSession
- type IntrospectionResponse
- type OAuth2ClientCredentialsAuthentication
- type OAuth2ClientCredentialsSession
- type OAuth2IntrospectionAuthentication
- type OAuth2Session
- type PlaintextAuthentication
- type Session
Constants ¶
This section is empty.
Variables ¶
View Source
CodeField: http.StatusUnauthorized, ErrorField: "The provided credentials are invalid, expired, or are not authorized to use the requested scope", }
Functions ¶
This section is empty.
Types ¶
type AuthenticationOAuth2ClientCredentialsRequest ¶
type AuthenticationOAuth2ClientCredentialsRequest struct {
// Token is the token to introspect.
ClientID string `json:"id"`
ClientSecret string `json:"secret"`
// Scope is an array of scopes that are required.
Scopes []string `json:"scope"`
}
swagger:model AuthenticationOAuth2ClientCredentialsRequest
type AuthenticationOAuth2IntrospectionRequest ¶
type AuthenticationOAuth2IntrospectionRequest struct {
// Token is the token to introspect.
Token string `json:"token"`
// Scope is an array of scopes that are required.
Scope []string `json:"scope"`
}
swagger:model AuthenticationOAuth2IntrospectionRequest
type Authenticator ¶
type DefaultSession ¶
type DefaultSession struct {
// Subject is the identity that authorized issuing the token, for example a user or an OAuth2 app.
// This is usually a uuid but you can choose a urn or some other id too.
Subject string `json:"sub"`
// Allowed is true if the request is allowed and false otherwise.
Allowed bool `json:"allowed"`
}
swagger:model authenticationDefaultSession
func (*DefaultSession) DenyAccess ¶
func (s *DefaultSession) DenyAccess()
func (*DefaultSession) GetSubject ¶
func (s *DefaultSession) GetSubject() string
func (*DefaultSession) GrantAccess ¶
func (s *DefaultSession) GrantAccess()
type IntrospectionResponse ¶
type IntrospectionResponse struct {
Active bool `json:"active"`
Scope string `json:"scope,omitempty"`
ClientID string `json:"client_id,omitempty"`
// Here, it's sub
Subject string `json:"sub,omitempty"`
ExpiresAt int64 `json:"exp,omitempty"`
IssuedAt int64 `json:"iat,omitempty"`
NotBefore int64 `json:"nbf,omitempty"`
Username string `json:"username,omitempty"`
Audience []string `json:"aud,omitempty"`
Issuer string `json:"iss,omitempty"`
TokenType string `json:"token_type,omitempty"`
// Session represents arbitrary session data.
Extra map[string]interface{} `json:"ext"`
}
type OAuth2ClientCredentialsAuthentication ¶
type OAuth2ClientCredentialsAuthentication struct {
// contains filtered or unexported fields
}
func NewOAuth2ClientCredentialsAuthentication ¶
func NewOAuth2ClientCredentialsAuthentication(tokenURL string) *OAuth2ClientCredentialsAuthentication
func (*OAuth2ClientCredentialsAuthentication) Authenticate ¶
func (a *OAuth2ClientCredentialsAuthentication) Authenticate(r *http.Request) (Session, error)
type OAuth2ClientCredentialsSession ¶
type OAuth2ClientCredentialsSession struct {
// Here, it's subject
*DefaultSession
}
swagger:model authenticationOAuth2ClientCredentialsSession
func NewOAuth2ClientCredentialsSession ¶
func NewOAuth2ClientCredentialsSession() *OAuth2ClientCredentialsSession
type OAuth2IntrospectionAuthentication ¶
type OAuth2IntrospectionAuthentication struct {
// contains filtered or unexported fields
}
func NewOAuth2IntrospectionAuthentication ¶
func NewOAuth2IntrospectionAuthentication(clientID, clientSecret, tokenURL, introspectionURL string, scopes []string, strategy fosite.ScopeStrategy) *OAuth2IntrospectionAuthentication
func (*OAuth2IntrospectionAuthentication) Authenticate ¶
func (a *OAuth2IntrospectionAuthentication) Authenticate(r *http.Request) (Session, error)
func (*OAuth2IntrospectionAuthentication) Introspect ¶
func (a *OAuth2IntrospectionAuthentication) Introspect(token string, scopes []string, strategy fosite.ScopeStrategy) (*IntrospectionResponse, error)
type OAuth2Session ¶
type OAuth2Session struct {
// Subject is the identity that authorized issuing the token, for example a user or an OAuth2 app.
// This is usually a uuid but you can choose a urn or some other id too.
Subject string `json:"sub"`
// Allowed is true if the request is allowed and false otherwise.
Allowed bool `json:"allowed"`
// GrantedScopes is a list of scopes that the subject authorized when asked for consent.
GrantedScopes string `json:"scope"`
// Issuer is the id of the issuer, typically an hydra instance.
Issuer string `json:"iss"`
// ClientID is the id of the OAuth2 client that requested the token.
ClientID string `json:"client_id"`
// IssuedAt is the token creation time stamp.
IssuedAt time.Time `json:"iat"`
// ExpiresAt is the expiry timestamp.
ExpiresAt time.Time `json:"exp"`
NotBefore time.Time `json:"nbf,omitempty"`
Username string `json:"username,omitempty"`
Audience []string `json:"aud,omitempty"`
// Session represents arbitrary session data.
Extra map[string]interface{} `json:"session,omitempty"`
}
swagger:model authenticationOAuth2Session
func (*OAuth2Session) DenyAccess ¶
func (s *OAuth2Session) DenyAccess()
func (*OAuth2Session) GetSubject ¶
func (s *OAuth2Session) GetSubject() string
func (*OAuth2Session) GrantAccess ¶
func (s *OAuth2Session) GrantAccess()
type PlaintextAuthentication ¶
type PlaintextAuthentication struct {
// contains filtered or unexported fields
}
func NewPlaintextAuthentication ¶
func NewPlaintextAuthentication() *PlaintextAuthentication
func (*PlaintextAuthentication) Authenticate ¶
func (a *PlaintextAuthentication) Authenticate(r *http.Request) (Session, error)
Source Files
Click to show internal directories.
Click to hide internal directories.