Documentation ¶
Overview ¶
Package bearer provides a generic oauth2.TokenSource for JWT Bearer Grant Assertions.
Please see the gserviceaccount package in this repository for an example of how to use the JWT bearer token source.
Index ¶
- Constants
- type Bearer
- type Option
- func WithClaim(name string, v interface{}) Option
- func WithExpiresIn(d time.Duration) Option
- func WithIssuedAt(enable bool) Option
- func WithNotBefore(enable bool) Option
- func WithScope(scopes ...string) Option
- func WithSubject(subject string) Option
- func WithTransport(transport http.RoundTripper) Option
Constants ¶
const GrantType = "urn:ietf:params:oauth:grant-type:jwt-bearer"
GrantType is the JWT grant type assertion value.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Bearer ¶
type Bearer struct {
// contains filtered or unexported fields
}
Bearer provides a JWT based, oauth2 token source that generates tokens for redemption with the JWT bearer grant assertion auth flow.
This token source can be used with an oauth2 transport to transparently authenticate a client's HTTP requests, and would typically be used with golang.org/x/oauth2.Transport and Go's standard http.Client.
This bearer token source should be wrapped by a oauth2.ReusableTokenSource before using with oauth2.Transport.
func NewTokenSource ¶
func NewTokenSource(signer jwt.Signer, tokenURL string, ctx context.Context, opts ...Option) (*Bearer, error)
NewTokenSource creates a oauth2.TokenSource that generates auth tokens redeemed using the JWT Bearer Grant assertion auth flow using the supplied jwt.Signer. A token redemption will be invoked at the tokenURL using the supplied context.
Use WithClaim option to pass additional claims to the token source such as token subject or scope.
type Option ¶
Option is a bearer token source option.
func WithClaim ¶
WithClaim is a bearer token source option that adds additional claims to generated tokens.
func WithExpiresIn ¶
WithExpiresIn is a bearer token source option that sets the expiration duration for generated tokens.
func WithIssuedAt ¶
WithIssuedAt is a bearer token source option that adds the Issued At ("iat") field to generated tokens.
func WithNotBefore ¶
WithNotBefore is a bearer token source option that adds the Not Before ("nbf") field to generated tokens.
func WithScope ¶
WithScope is a bearer token source option that adds a Scope ("scope") claim to generated tokens.
Note: Scopes are joined with a space (" "). Use WithClaim option if a different separator is required.
func WithSubject ¶
WithSubject is a bearer token source option that adds the Subject ("sub") claim to generated tokens.
func WithTransport ¶
func WithTransport(transport http.RoundTripper) Option
WithTransport is a bearer token source option that sets the HTTP client transport to use during token exchange.