oauth2: golang.org/x/oauth2/google/internal/externalaccount Index | Files

package externalaccount

import "golang.org/x/oauth2/google/internal/externalaccount"


Package Files

basecredentials.go clientauth.go err.go filecredsource.go sts_exchange.go urlcredsource.go

type ClientAuthentication Uses

type ClientAuthentication struct {
    // AuthStyle can be either basic or request-body
    AuthStyle    oauth2.AuthStyle
    ClientID     string
    ClientSecret string

ClientAuthentication represents an OAuth client ID and secret and the mechanism for passing these credentials as stated in rfc6749#2.3.1.

func (*ClientAuthentication) InjectAuthentication Uses

func (c *ClientAuthentication) InjectAuthentication(values url.Values, headers http.Header)

type Config Uses

type Config struct {
    Audience                       string
    SubjectTokenType               string
    TokenURL                       string
    TokenInfoURL                   string
    ServiceAccountImpersonationURL string
    ClientSecret                   string
    ClientID                       string
    CredentialSource               CredentialSource
    QuotaProjectID                 string
    Scopes                         []string

Config stores the configuration for fetching tokens with external credentials.

func (*Config) TokenSource Uses

func (c *Config) TokenSource(ctx context.Context) oauth2.TokenSource

TokenSource Returns an external account TokenSource struct. This is to be called by package google to construct a google.Credentials.

type CredentialSource Uses

type CredentialSource struct {
    File string `json:"file"`

    URL     string            `json:"url"`
    Headers map[string]string `json:"headers"`

    EnvironmentID               string `json:"environment_id"`
    RegionURL                   string `json:"region_url"`
    RegionalCredVerificationURL string `json:"regional_cred_verification_url"`
    CredVerificationURL         string `json:"cred_verification_url"`
    Format                      format `json:"format"`

CredentialSource stores the information necessary to retrieve the credentials for the STS exchange.

type Error Uses

type Error struct {
    Code        string
    URI         string
    Description string

Error for handling OAuth related error responses as stated in rfc6749#5.2.

func (*Error) Error Uses

func (err *Error) Error() string

type STSTokenExchangeRequest Uses

type STSTokenExchangeRequest struct {
    ActingParty struct {
        ActorToken     string
        ActorTokenType string
    GrantType          string
    Resource           string
    Audience           string
    Scope              []string
    RequestedTokenType string
    SubjectToken       string
    SubjectTokenType   string

STSTokenExchangeRequest contains fields necessary to make an oauth2 token exchange.

type STSTokenExchangeResponse Uses

type STSTokenExchangeResponse struct {
    AccessToken     string `json:"access_token"`
    IssuedTokenType string `json:"issued_token_type"`
    TokenType       string `json:"token_type"`
    ExpiresIn       int    `json:"expires_in"`
    Scope           string `json:"scope"`
    RefreshToken    string `json:"refresh_token"`

STSTokenExchangeResponse is used to decode the remote server response during an oauth2 token exchange.

func ExchangeToken Uses

func ExchangeToken(ctx context.Context, endpoint string, request *STSTokenExchangeRequest, authentication ClientAuthentication, headers http.Header, options map[string]interface{}) (*STSTokenExchangeResponse, error)

ExchangeToken performs an oauth2 token exchange with the provided endpoint. The first 4 fields are all mandatory. headers can be used to pass additional headers beyond the bare minimum required by the token exchange. options can be used to pass additional JSON-structured options to the remote server.

Package externalaccount imports 15 packages (graph) and is imported by 1 packages. Updated 2021-01-15. Refresh now. Tools for package owners.