Documentation ¶
Index ¶
- Constants
- Variables
- func IsConsentRequiredError(err error) bool
- type AccessTokenIssuer
- type AnonymousIdentityProvider
- type AnonymousUserHandler
- func (h *AnonymousUserHandler) IssuePromotionCode(req *http.Request, sessionType WebSessionType, refreshToken string) (code string, codeObj *anonymous.PromotionCode, err error)
- func (h *AnonymousUserHandler) SignupAnonymousUser(req *http.Request, clientID string, sessionType WebSessionType, ...) (*SignupAnonymousUserResult, error)
- type AnonymousUserHandlerLogger
- type App2AppService
- type AppSessionTokenService
- type AuthenticationInfoService
- type AuthorizationHandler
- func (h *AuthorizationHandler) Handle(r protocol.AuthorizationRequest) httputil.Result
- func (h *AuthorizationHandler) HandleConsentWithUserCancel(req *http.Request) httputil.Result
- func (h *AuthorizationHandler) HandleConsentWithUserConsent(req *http.Request) httputil.Result
- func (h *AuthorizationHandler) HandleConsentWithoutUserConsent(req *http.Request) (httputil.Result, *ConsentRequired)
- type AuthorizationHandlerLogger
- type AuthorizationService
- type ChallengeProvider
- type CodeGrantService
- type ConsentRequired
- type CookieManager
- type CookiesGetter
- type CreateCodeGrantOptions
- type CreateSettingsActionGrantOptions
- type EventService
- type GraphService
- type IDTokenIssuer
- type IssueOfflineGrantOptions
- type OAuthClientResolver
- type OAuthSessionService
- type PromotionCodeStore
- type ProxyRedirectHandler
- type RevokeHandler
- type ScopesValidator
- type SessionManager
- type SettingsActionGrantService
- type SignupAnonymousUserResult
- type TokenGenerator
- type TokenHandler
- func (h *TokenHandler) Handle(rw http.ResponseWriter, req *http.Request, r protocol.TokenRequest) httputil.Result
- func (h *TokenHandler) IssueAppSessionToken(refreshToken string) (string, *oauth.AppSessionToken, error)
- func (h *TokenHandler) IssueTokensForAuthorizationCode(client *config.OAuthClientConfig, r protocol.TokenRequest) (protocol.TokenResponse, error)
- func (h *TokenHandler) IssueTokensForSettingsActionCode(client *config.OAuthClientConfig, r protocol.TokenRequest) (protocol.TokenResponse, error)
- type TokenHandlerLogger
- type TokenHandlerUserFacade
- type TokenService
- func (s *TokenService) IssueAccessGrant(client *config.OAuthClientConfig, scopes []string, authzID string, ...) error
- func (s *TokenService) IssueOfflineGrant(client *config.OAuthClientConfig, opts IssueOfflineGrantOptions, ...) (*oauth.OfflineGrant, error)
- func (s *TokenService) ParseRefreshToken(token string) (*oauth.Authorization, *oauth.OfflineGrant, error)
- type UIInfoResolver
- type UIURLBuilder
- type UserProvider
- type WebSessionType
Constants ¶
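// OAuth response_type values declared by this package.
const (
	// CodeResponseType is the "code" response type.
	CodeResponseType = "code"
	// NoneResponseType is the "none" response type.
	NoneResponseType = "none"
	// SettingsActonResponseType is the settings-action response type under
	// the urn:authgear namespace.
	// NOTE(review): the identifier is spelled "Acton" while the value says
	// "action". The name is exported, so it is left unchanged here.
	SettingsActonResponseType = "urn:authgear:params:oauth:response-type:settings-action"
)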
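// Extension grant_type values under the urn:authgear namespace. They are
// protocol identifiers, not secrets.
const (
	AnonymousRequestGrantType = "urn:authgear:params:oauth:grant-type:anonymous-request"
	BiometricRequestGrantType = "urn:authgear:params:oauth:grant-type:biometric-request"
	App2AppRequestGrantType   = "urn:authgear:params:oauth:grant-type:app2app-request"
	// NOTE(review): the directive below presumably silences gosec's
	// hard-coded-credential check, which would react to "Token" in the
	// identifier. Confirm its placement against the original file.
	// nolint:gosec
	IDTokenGrantType        = "urn:authgear:params:oauth:grant-type:id-token"
	SettingsActionGrantType = "urn:authgear:params:oauth:grant-type:settings-action"
)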
// AppSessionTokenDuration is set to duration.Short; presumably it is the
// validity window of an app session token (see IssueAppSessionToken).
// The concrete value of duration.Short is defined outside this package.
const AppSessionTokenDuration = duration.Short
// CodeGrantValidDuration is set to duration.Short; presumably it bounds how
// long an authorization code created by CreateCodeGrant can be redeemed.
// NOTE(review): RFC 6749 section 4.1.2 recommends a maximum authorization
// code lifetime of 10 minutes; confirm duration.Short stays within that.
const CodeGrantValidDuration = duration.Short
// PromotionCodeDuration is set to duration.Short; presumably it is the
// validity window of a promotion code issued by IssuePromotionCode.
const PromotionCodeDuration = duration.Short
// SettingsActionGrantValidDuration is set to duration.Short; presumably it
// bounds how long a code created by CreateSettingsActionGrant can be redeemed.
const SettingsActionGrantValidDuration = duration.Short
Variables ¶
// DependencySet is the wire provider set for this package. Each handler and
// service struct is registered with wire.Struct(..., "*"), so every one of its
// fields is injected; the three logger constructors are registered as plain
// providers.
var DependencySet = wire.NewSet(
	// Authorization endpoint.
	NewAuthorizationHandlerLogger,
	wire.Struct(new(AuthorizationHandler), "*"),

	// Token and revocation endpoints.
	NewTokenHandlerLogger,
	wire.Struct(new(TokenHandler), "*"),
	wire.Struct(new(RevokeHandler), "*"),

	// Anonymous user signup and promotion.
	NewAnonymousUserHandlerLogger,
	wire.Struct(new(AnonymousUserHandler), "*"),

	// Shared services.
	wire.Struct(new(TokenService), "*"),
	wire.Struct(new(CodeGrantService), "*"),
	wire.Struct(new(SettingsActionGrantService), "*"),
	wire.Struct(new(ProxyRedirectHandler), "*"),
)
// ErrInvalidRefreshToken is a protocol error with code "invalid_grant", the
// RFC 6749 section 5.2 code for an invalid, expired or revoked grant. The
// message is the same fixed string whatever the cause, so the error value
// itself does not tell a caller why the token was rejected.
var ErrInvalidRefreshToken = protocol.NewError("invalid_grant", "invalid refresh token")
// ErrLoggedInAsNormalUser is an "invalid" API error. Presumably the anonymous
// user flows return it when the presented session belongs to a
// non-anonymous user; verify against the handlers.
var ErrLoggedInAsNormalUser = apierrors.NewInvalid("user logged in as normal user")
// ErrUnauthenticated is an "unauthorized" API error with the message
// "authentication required".
var ErrUnauthenticated = apierrors.NewUnauthorized("authentication required")
Functions ¶
func IsConsentRequiredError ¶
Types ¶
type AccessTokenIssuer ¶
// AccessTokenIssuer turns an access grant and its raw token into the string
// handed to the client.
type AccessTokenIssuer interface {
	// EncodeAccessToken returns the encoded form of token for the given
	// client, grant and user, or an error.
	EncodeAccessToken(
		client *config.OAuthClientConfig,
		grant *oauth.AccessGrant,
		userID string,
		token string,
	) (string, error)
}
type AnonymousUserHandler ¶
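// AnonymousUserHandler carries the dependencies of IssuePromotionCode and
// SignupAnonymousUser. DependencySet registers it with wire.Struct(..., "*"),
// so every field is injected.
type AnonymousUserHandler struct {
	AppID       config.AppID
	OAuthConfig *config.OAuthConfig
	Logger      AnonymousUserHandlerLogger

	Graphs         GraphService
	Authorizations AuthorizationService
	Clock          clock.Clock
	// TokenService is held by value, not by pointer.
	TokenService        TokenService
	UserProvider        UserProvider
	AnonymousIdentities AnonymousIdentityProvider
	PromotionCodes      PromotionCodeStore
	OAuthClientResolver OAuthClientResolver
}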
func (*AnonymousUserHandler) IssuePromotionCode ¶
func (h *AnonymousUserHandler) IssuePromotionCode( req *http.Request, sessionType WebSessionType, refreshToken string, ) (code string, codeObj *anonymous.PromotionCode, err error)
func (*AnonymousUserHandler) SignupAnonymousUser ¶
func (h *AnonymousUserHandler) SignupAnonymousUser( req *http.Request, clientID string, sessionType WebSessionType, refreshToken string, ) (*SignupAnonymousUserResult, error)
SignupAnonymousUser returns a token response or API errors.
type AnonymousUserHandlerLogger ¶
func NewAnonymousUserHandlerLogger ¶
func NewAnonymousUserHandlerLogger(lf *log.Factory) AnonymousUserHandlerLogger
type App2AppService ¶
type AppSessionTokenService ¶
// AppSessionTokenService processes an app session token input.
type AppSessionTokenService interface {
	// Handle consumes input and returns the HTTP result to send, or an error.
	Handle(input oauth.AppSessionTokenInput) (httputil.Result, error)
}
type AuthorizationHandler ¶
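// AuthorizationHandler carries the dependencies of the authorization endpoint
// (Handle) and of the consent steps (HandleConsentWith*). DependencySet
// registers it with wire.Struct(..., "*"), so every field is injected.
type AuthorizationHandler struct {
	// NOTE(review): a context.Context stored in a field ties the handler to
	// one request; presumably the handler is built per request. Confirm.
	Context    context.Context
	AppID      config.AppID
	Config     *config.OAuthConfig
	HTTPConfig *config.HTTPConfig
	HTTPProto  httputil.HTTPProto
	HTTPOrigin httputil.HTTPOrigin
	AppDomains config.AppDomains
	Logger     AuthorizationHandlerLogger

	UIURLBuilder   UIURLBuilder
	UIInfoResolver UIInfoResolver
	Authorizations AuthorizationService
	// ValidateScopes checks the requested scopes against the client.
	ValidateScopes             ScopesValidator
	AppSessionTokenService     AppSessionTokenService
	AuthenticationInfoService  AuthenticationInfoService
	Clock                      clock.Clock
	Cookies                    CookieManager
	OAuthSessionService        OAuthSessionService
	CodeGrantService           CodeGrantService
	SettingsActionGrantService SettingsActionGrantService
	ClientResolver             OAuthClientResolver
}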
func (*AuthorizationHandler) Handle ¶
func (h *AuthorizationHandler) Handle(r protocol.AuthorizationRequest) httputil.Result
func (*AuthorizationHandler) HandleConsentWithUserCancel ¶
func (h *AuthorizationHandler) HandleConsentWithUserCancel(req *http.Request) httputil.Result
func (*AuthorizationHandler) HandleConsentWithUserConsent ¶
func (h *AuthorizationHandler) HandleConsentWithUserConsent(req *http.Request) httputil.Result
func (*AuthorizationHandler) HandleConsentWithoutUserConsent ¶
func (h *AuthorizationHandler) HandleConsentWithoutUserConsent(req *http.Request) (httputil.Result, *ConsentRequired)
type AuthorizationHandlerLogger ¶
func NewAuthorizationHandlerLogger ¶
func NewAuthorizationHandlerLogger(lf *log.Factory) AuthorizationHandlerLogger
type AuthorizationService ¶
type ChallengeProvider ¶
type CodeGrantService ¶
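// CodeGrantService carries the dependencies of CreateCodeGrant.
type CodeGrantService struct {
	AppID config.AppID
	// CodeGenerator produces the code string.
	// NOTE(review): TokenGenerator is a bare func() string; confirm the wired
	// implementation draws from a cryptographically secure random source.
	CodeGenerator TokenGenerator
	Clock         clock.Clock
	CodeGrants    oauth.CodeGrantStore
}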
func (*CodeGrantService) CreateCodeGrant ¶
func (s *CodeGrantService) CreateCodeGrant(opts *CreateCodeGrantOptions) (code string, grant *oauth.CodeGrant, err error)
type ConsentRequired ¶
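// ConsentRequired names the user, the scopes and the client for which consent
// is still needed. HandleConsentWithoutUserConsent returns a pointer to it
// alongside its httputil.Result.
type ConsentRequired struct {
	UserID string
	Scopes []string
	Client *config.OAuthClientConfig
}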
type CookieManager ¶
type CookiesGetter ¶
type CreateCodeGrantOptions ¶
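// CreateCodeGrantOptions is the input of CodeGrantService.CreateCodeGrant.
type CreateCodeGrantOptions struct {
	Authorization      *oauth.Authorization
	IDPSessionID       string
	AuthenticationInfo authenticationinfo.T
	IDTokenHintSID     string
	// RedirectURI is presumably stored on the grant so that the token
	// endpoint can compare it with the redirect_uri sent at redemption.
	// Confirm against CreateCodeGrant.
	RedirectURI          string
	AuthorizationRequest protocol.AuthorizationRequest
}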
type CreateSettingsActionGrantOptions ¶
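// CreateSettingsActionGrantOptions is the input of
// SettingsActionGrantService.CreateSettingsActionGrant. Its fields mirror
// CreateCodeGrantOptions one for one.
type CreateSettingsActionGrantOptions struct {
	Authorization        *oauth.Authorization
	IDPSessionID         string
	AuthenticationInfo   authenticationinfo.T
	IDTokenHintSID       string
	RedirectURI          string
	AuthorizationRequest protocol.AuthorizationRequest
}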
type EventService ¶
type GraphService ¶
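// GraphService is the subset of the interaction graph engine that this
// package calls.
type GraphService interface {
	// NewGraph creates a graph for intent.
	NewGraph(ctx *interaction.Context, intent interaction.Intent) (*interaction.Graph, error)
	// DryRun invokes fn with a context built from contextValue.
	DryRun(contextValue interaction.ContextValues, fn func(*interaction.Context) (*interaction.Graph, error)) error
	// Run executes graph.
	Run(contextValue interaction.ContextValues, graph *interaction.Graph) error
	// Accept feeds input to graph and returns the resulting graph and edges.
	Accept(ctx *interaction.Context, graph *interaction.Graph, input interface{}) (*interaction.Graph, []interaction.Edge, error)
}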
type IDTokenIssuer ¶
// IDTokenIssuer issues OIDC ID tokens.
type IDTokenIssuer interface {
	// IssueIDToken returns the ID token built from opts, or an error.
	IssueIDToken(opts oidc.IssueIDTokenOptions) (token string, err error)
}
type OAuthClientResolver ¶
// OAuthClientResolver looks up the configuration of an OAuth client by ID.
type OAuthClientResolver interface {
	// ResolveClient returns the client configuration for clientID. There is
	// no error result, so an unknown client is presumably reported as a nil
	// pointer. Callers should nil-check before use; confirm against the
	// implementation.
	ResolveClient(clientID string) *config.OAuthClientConfig
}
type OAuthSessionService ¶
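// OAuthSessionService stores, loads and removes OAuth session entries keyed by
// entry ID.
type OAuthSessionService interface {
	Save(entry *oauthsession.Entry) (err error)
	Get(entryID string) (*oauthsession.Entry, error)
	Delete(entryID string) error
}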
type PromotionCodeStore ¶
// PromotionCodeStore persists promotion codes.
type PromotionCodeStore interface {
	// CreatePromotionCode stores code, or returns an error.
	CreatePromotionCode(code *anonymous.PromotionCode) error
}
type ProxyRedirectHandler ¶
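// ProxyRedirectHandler carries the configuration that Validate has available
// when it checks a redirect URI.
// NOTE(review): Validate's body is not part of this page. Callers should treat
// a non-nil error from Validate as final and must not redirect.
type ProxyRedirectHandler struct {
	OAuthConfig *config.OAuthConfig
	HTTPOrigin  httputil.HTTPOrigin
	HTTPProto   httputil.HTTPProto
	AppDomains  config.AppDomains
}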
func (*ProxyRedirectHandler) Validate ¶
func (h *ProxyRedirectHandler) Validate(redirectURIWithQuery string) error
type RevokeHandler ¶
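// RevokeHandler carries the dependencies that Handle has available when it
// processes a protocol.RevokeRequest: the session manager and the stores for
// offline grants and access grants.
type RevokeHandler struct {
	SessionManager SessionManager
	OfflineGrants  oauth.OfflineGrantStore
	AccessGrants   oauth.AccessGrantStore
}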
func (*RevokeHandler) Handle ¶
func (h *RevokeHandler) Handle(r protocol.RevokeRequest) error
type ScopesValidator ¶
// ScopesValidator checks scopes for client and returns a non-nil error when
// they are not acceptable. AuthorizationHandler holds one in its
// ValidateScopes field.
type ScopesValidator func(client *config.OAuthClientConfig, scopes []string) error
type SessionManager ¶
type SettingsActionGrantService ¶
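// SettingsActionGrantService carries the dependencies of
// CreateSettingsActionGrant.
type SettingsActionGrantService struct {
	AppID config.AppID
	// CodeGenerator produces the code string.
	// NOTE(review): TokenGenerator is a bare func() string; confirm the wired
	// implementation draws from a cryptographically secure random source.
	CodeGenerator        TokenGenerator
	Clock                clock.Clock
	SettingsActionGrants oauth.SettingsActionGrantStore
}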
func (*SettingsActionGrantService) CreateSettingsActionGrant ¶
func (s *SettingsActionGrantService) CreateSettingsActionGrant(opts *CreateSettingsActionGrantOptions) (code string, grant *oauth.SettingsActionGrant, err error)
type TokenGenerator ¶
// TokenGenerator returns a new token or code string. It backs the
// CodeGenerator fields of CodeGrantService and SettingsActionGrantService and
// the GenerateToken field of TokenService.
// NOTE(review): the type does not constrain how the string is produced and has
// no error result, so a failure of the random source cannot be reported to the
// caller. Confirm the wired implementation uses a cryptographically secure
// source and fails closed.
type TokenGenerator func() string
type TokenHandler ¶
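// TokenHandler carries the dependencies of the token endpoint (Handle) and of
// IssueAppSessionToken, IssueTokensForAuthorizationCode and
// IssueTokensForSettingsActionCode. DependencySet registers it with
// wire.Struct(..., "*"), so every field is injected.
type TokenHandler struct {
	// NOTE(review): a context.Context stored in a field ties the handler to
	// one request; presumably the handler is built per request. Confirm.
	Context               context.Context
	AppID                 config.AppID
	Config                *config.OAuthConfig
	AppDomains            config.AppDomains
	HTTPProto             httputil.HTTPProto
	HTTPOrigin            httputil.HTTPOrigin
	OAuthFeatureConfig    *config.OAuthFeatureConfig
	IdentityFeatureConfig *config.IdentityFeatureConfig
	// OAuthClientCredentials presumably holds client secret material; keep it
	// out of log fields and error messages. Verify against the config package.
	OAuthClientCredentials *config.OAuthClientCredentials
	Logger                 TokenHandlerLogger

	Authorizations           AuthorizationService
	CodeGrants               oauth.CodeGrantStore
	SettingsActionGrantStore oauth.SettingsActionGrantStore
	OfflineGrants            oauth.OfflineGrantStore
	AppSessionTokens         oauth.AppSessionTokenStore
	OfflineGrantService      oauth.OfflineGrantService
	Graphs                   GraphService
	IDTokenIssuer            IDTokenIssuer
	Clock                    clock.Clock
	TokenService             TokenService
	Events                   EventService
	SessionManager           SessionManager
	App2App                  App2AppService
	Challenges               ChallengeProvider
	CodeGrantService         CodeGrantService
	ClientResolver           OAuthClientResolver
	UIInfoResolver           UIInfoResolver
}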
func (*TokenHandler) Handle ¶
func (h *TokenHandler) Handle(rw http.ResponseWriter, req *http.Request, r protocol.TokenRequest) httputil.Result
TODO: Write some tests
func (*TokenHandler) IssueAppSessionToken ¶
func (h *TokenHandler) IssueAppSessionToken(refreshToken string) (string, *oauth.AppSessionToken, error)
func (*TokenHandler) IssueTokensForAuthorizationCode ¶
func (h *TokenHandler) IssueTokensForAuthorizationCode( client *config.OAuthClientConfig, r protocol.TokenRequest, ) (protocol.TokenResponse, error)
nolint:gocognit
func (*TokenHandler) IssueTokensForSettingsActionCode ¶
func (h *TokenHandler) IssueTokensForSettingsActionCode( client *config.OAuthClientConfig, r protocol.TokenRequest, ) (protocol.TokenResponse, error)
nolint:gocognit
type TokenHandlerLogger ¶
func NewTokenHandlerLogger ¶
func NewTokenHandlerLogger(lf *log.Factory) TokenHandlerLogger
type TokenHandlerUserFacade ¶
type TokenService ¶
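// TokenService carries the dependencies of IssueAccessGrant, IssueOfflineGrant
// and ParseRefreshToken.
type TokenService struct {
	// RemoteIP and UserAgentString describe the current request; presumably
	// they are recorded with access events. Confirm against the methods.
	RemoteIP        httputil.RemoteIP
	UserAgentString httputil.UserAgentString

	AppID               config.AppID
	Config              *config.OAuthConfig
	Authorizations      oauth.AuthorizationStore
	OfflineGrants       oauth.OfflineGrantStore
	AccessGrants        oauth.AccessGrantStore
	OfflineGrantService oauth.OfflineGrantService
	AccessEvents        *access.EventProvider
	AccessTokenIssuer   AccessTokenIssuer
	// GenerateToken produces raw token strings.
	// NOTE(review): TokenGenerator is a bare func() string; confirm the wired
	// implementation draws from a cryptographically secure random source.
	GenerateToken TokenGenerator
	Clock         clock.Clock
	Users         TokenHandlerUserFacade
}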
func (*TokenService) IssueAccessGrant ¶
func (s *TokenService) IssueAccessGrant( client *config.OAuthClientConfig, scopes []string, authzID string, userID string, sessionID string, sessionKind oauth.GrantSessionKind, resp protocol.TokenResponse, ) error
func (*TokenService) IssueOfflineGrant ¶
func (s *TokenService) IssueOfflineGrant( client *config.OAuthClientConfig, opts IssueOfflineGrantOptions, resp protocol.TokenResponse, ) (*oauth.OfflineGrant, error)
func (*TokenService) ParseRefreshToken ¶
func (s *TokenService) ParseRefreshToken(token string) (*oauth.Authorization, *oauth.OfflineGrant, error)
type UIInfoResolver ¶
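// UIInfoResolver derives UI information from an authorization request and
// reads the authentication info ID from an HTTP request.
type UIInfoResolver interface {
	ResolveForAuthorizationEndpoint(client *config.OAuthClientConfig, req protocol.AuthorizationRequest) (*oidc.UIInfo, *oidc.UIInfoByProduct, error)
	// GetAuthenticationInfoID returns the ID and whether one was found.
	GetAuthenticationInfoID(req *http.Request) (string, bool)
}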
type UIURLBuilder ¶
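// UIURLBuilder builds the URLs of the authentication UI and the settings
// action UI for an authorization request and its OAuth session entry.
type UIURLBuilder interface {
	BuildAuthenticationURL(client *config.OAuthClientConfig, r protocol.AuthorizationRequest, e *oauthsession.Entry) (*url.URL, error)
	// BuildSettingsActionURL additionally takes the redirect URI to return to.
	BuildSettingsActionURL(client *config.OAuthClientConfig, r protocol.AuthorizationRequest, e *oauthsession.Entry, redirectURI *url.URL) (*url.URL, error)
}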
type UserProvider ¶
type WebSessionType ¶
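// WebSessionType is a string-typed selector with two declared values, "cookie"
// and "refresh_token". IssuePromotionCode and SignupAnonymousUser take it
// together with a refreshToken argument.
type WebSessionType string

const (
	WebSessionTypeCookie       WebSessionType = "cookie"
	WebSessionTypeRefreshToken WebSessionType = "refresh_token"
)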
Source Files ¶