luci: go.chromium.org/luci/common/gcloud/googleoauth Index | Files

package googleoauth

import "go.chromium.org/luci/common/gcloud/googleoauth"

Package googleoauth contains some helpers related to Google OAuth2.

Index

Package Files

doc.go info.go

Constants

const (
    // TokeninfoEndpoint is Google's token info endpoint.
    TokeninfoEndpoint = "https://www.googleapis.com/oauth2/v3/tokeninfo"
)

Variables

var ErrBadToken = errors.New("bad token")

ErrBadToken is returned by GetTokenInfo if the passed token is invalid.

type TokenInfo Uses

type TokenInfo struct {
    Azp           string `json:"azp"`
    Aud           string `json:"aud"`
    Sub           string `json:"sub"`
    Scope         string `json:"scope"`
    Exp           int64  `json:"exp,string"`
    ExpiresIn     int64  `json:"expires_in,string"`
    Email         string `json:"email"`
    EmailVerified bool   `json:"email_verified,string"`
    AccessType    string `json:"access_type"`
}

TokenInfo is information about an access or ID tokens.

Of primary importance are 'email', 'email_verified', 'scope' and 'aud' fields. If the caller using token info endpoint to validate tokens, it MUST check correctness of these fields.

func GetTokenInfo Uses

func GetTokenInfo(c context.Context, params TokenInfoParams) (*TokenInfo, error)

GetTokenInfo queries token info endpoint and returns information about the token if it is recognized.

See https://developers.google.com/identity/sign-in/android/backend-auth#calling-the-tokeninfo-endpoint.

On invalid token (as indicated by 4** HTTP response) returns ErrBadToken. On other HTTP-level errors (e.g HTTP 500) returns transient-wrapped *googleapi.Error. On network-level errors returns them in a transient wrapper.

type TokenInfoParams Uses

type TokenInfoParams struct {
    AccessToken string // an access token to check
    IDToken     string // an ID token to check (overrides AccessToken)

    Client   *http.Client // non-authenticating client to use for the call
    Endpoint string       // an endpoint to use instead of the default one
}

TokenInfoParams are parameters for GetTokenInfo call.

Package googleoauth imports 9 packages (graph) and is imported by 9 packages. Updated 2018-12-14. Refresh now. Tools for package owners.