Versions in this module Expand all Collapse all v1 v1.8.1 Jun 27, 2023 Changes in this version + const AuthorizationCodeGrantType + const ClientCredentialsGrantType + const ClientSecretBasicAuthMethod + const ClientSecretJwtAuthMethod + const ClientSecretPostAuthMethod + const CodeVerifierLength + const DPoPHeaderName + const DPoPHeaderType + const DeviceGrantType + const ErrAuthorizationPending + const ErrSlowDown + const ImplicitGrantType + const JWTBearerGrantType + const JwtBearerClientAssertion + const NoneAuthMethod + const OpenIDConfigurationPath + const PasswordGrantType + const PrivateKeyJwtAuthMethod + const RefreshTokenGrantType + const SelfSignedTLSAuthMethod + const TLSClientAuthMethod + const TokenExchangeGrantType + var CodeChallengeEncoder = base64.RawURLEncoding + func DPoPSignRequest(signingKey string, hc *http.Client, r *http.Request) error + func DPoPThumbprint(signingKey string, hc *http.Client) (string, error) + func EncryptJWT(token string, encrypterProvider EncrypterProvider) (nestedJWT string, key interface{}, err error) + func FetchOpenIDConfiguration(ctx context.Context, issuerURL string, hc *http.Client) (request Request, c ServerConfig, err error) + func ParseError(resp *http.Response) error + func PlaintextJWT(claimsProvider ClaimsProvider) (jwt string, key string, err error) + func RandomString(n int) string + func ReadKey(use KeyUse, location string, hc *http.Client) (jose.JSONWebKey, error) + func ReadKeyPair(cert string, key string, hc *http.Client) (keyPair tls.Certificate, err error) + func ReadRootCA(location string, hc *http.Client) (pool *x509.CertPool, err error) + func ReadURL(location string, hc *http.Client) (data []byte, err error) + func RequestDeviceAuthorization(ctx context.Context, cconfig ClientConfig, sconfig ServerConfig, ...) (request Request, response DeviceAuthorizationResponse, err error) + func RequestPAR(ctx context.Context, cconfig ClientConfig, sconfig ServerConfig, ...) (parRequest Request, parResponse PARResponse, authorizeRequest Request, ...) + func RequestToken(ctx context.Context, cconfig ClientConfig, sconfig ServerConfig, ...) (request Request, response TokenResponse, err error) + func SignJWT(claimsProvider ClaimsProvider, signerProvider SignerProvider) (jwt string, key interface{}, err error) + func UnsafeParseJWT(token string) (*jwt.JSONWebToken, map[string]interface{}, error) + func WithAuthorizationCode(code string) func(*RequestTokenParams) + func WithCodeVerifier(codeVerifier string) func(*RequestTokenParams) + func WithDeviceCode(deviceCode string) func(*RequestTokenParams) + func WithRedirectURL(url string) func(*RequestTokenParams) + type ClaimsProvider func() (map[string]interface{}, error) + func AssertionClaims(serverConfig ServerConfig, clientConfig ClientConfig) ClaimsProvider + func ClientAssertionClaims(serverConfig ServerConfig, clientConfig ClientConfig) ClaimsProvider + func RequestObjectClaims(params url.Values, serverConfig ServerConfig, clientConfig ClientConfig) ClaimsProvider + type ClientConfig struct + ActorToken string + ActorTokenType string + Assertion string + Audience []string + AuthMethod string + Claims string + ClientID string + ClientSecret string + DPoP bool + EncryptedRequestObject bool + EncryptionKey string + GrantType string + IDPHint string + IDTokenHint string + Insecure bool + IssuerURL string + LoginHint string + Origin string + PAR bool + PKCE bool + Password string + RedirectURL string + RefreshToken string + RequestObject bool + ResponseMode string + ResponseType []string + Scopes []string + SigningKey string + SubjectToken string + SubjectTokenType string + TLSCert string + TLSKey string + TLSRootCA string + Timeout time.Duration + Username string + type DPoPClaims struct + Htm string + Htu string + IssuedAt int64 + Jti string + type DeviceAuthorizationResponse struct + DeviceCode string + ExpiresIn int64 + Interval int64 + UserCode string + VerificationURI string + VerificationURIComplete string + type EncrypterProvider func() (jose.Encrypter, interface{}, error) + func JWEEncrypter(keyPath string, hc *http.Client) EncrypterProvider + type Error struct + Cause string + Description string + ErrorCode string + Hint string + StatusCode int + TraceID string + func (e *Error) Error() string + type KeyUse string + const EncryptionKey + const SigningKey + type PARResponse struct + ExpiresIn int64 + RequestURI string + type Request struct + Cert *x509.Certificate + EncryptionKey interface{} + Form url.Values + Headers map[string][]string + JARM map[string]interface{} + Method string + RequestObject string + SigningKey interface{} + URL *url.URL + func RequestAuthorization(cconfig ClientConfig, sconfig ServerConfig, hc *http.Client) (r Request, codeVerifier string, err error) + func WaitForCallback(clientConfig ClientConfig, serverConfig ServerConfig, hc *http.Client) (request Request, err error) + func (r *Request) AuthenticateClient(endpoint string, mtlsEndpoint string, cconfig ClientConfig, ...) (string, error) + func (r *Request) AuthorizeRequest(cconfig ClientConfig, sconfig ServerConfig, hc *http.Client) (codeVerifier string, err error) + func (r *Request) Get(key string) string + func (r *Request) ParseJARM(signingKey interface{}, encryptionKey interface{}) error + type RequestTokenOption func(*RequestTokenParams) + type RequestTokenParams struct + Code string + CodeVerifier string + DeviceCode string + RedirectURL string + type ServerConfig struct + AuthorizationEndpoint string + DeviceAuthorizationEndpoint string + Issuer string + JWKsURI string + MTLsEndpointAliases struct{ ... } + PushedAuthorizationRequestEndpoint string + SupportedGrantTypes []string + SupportedResponseModes []string + SupportedResponseTypes []string + SupportedScopes []string + SupportedTokenEndpointAuthMethods []string + TokenEndpoint string + type SignerProvider func() (jose.Signer, interface{}, error) + func JWKSigner(keyPath string, hc *http.Client) SignerProvider + func SecretSigner(secret []byte) SignerProvider + type TokenResponse struct + AccessToken string + ExpiresIn int64 + IDToken string + IssuedTokenType string + RefreshToken string + Scope string + TokenType string + func NewTokenResponseFromForm(f url.Values) TokenResponse