package stsexchange

import "golang.org/x/oauth2/google/internal/stsexchange"

Index ¶

• type ClientAuthentication
• func (c *ClientAuthentication) InjectAuthentication(values url.Values, headers http.Header)
• type Response
• func ExchangeToken(ctx context.Context, endpoint string, request *TokenExchangeRequest, authentication ClientAuthentication, headers http.Header, options map[string]any) (*Response, error)
• func RefreshAccessToken(ctx context.Context, endpoint string, refreshToken string, authentication ClientAuthentication, headers http.Header) (*Response, error)
• type TokenExchangeRequest

Types ¶

type ClientAuthentication ¶

type ClientAuthentication struct {
	// AuthStyle can be either basic or request-body
	AuthStyle    oauth2.AuthStyle
	ClientID     string
	ClientSecret string
}

ClientAuthentication represents an OAuth client ID and secret and the mechanism for passing these credentials as stated in rfc6749#2.3.1.

func (*ClientAuthentication) InjectAuthentication ¶

func (c *ClientAuthentication) InjectAuthentication(values url.Values, headers http.Header)

InjectAuthentication is used to add authentication to a Secure Token Service exchange request. It modifies either the passed url.Values or http.Header depending on the desired authentication format.

type Response ¶

type Response struct {
	AccessToken     string `json:"access_token"`
	IssuedTokenType string `json:"issued_token_type"`
	TokenType       string `json:"token_type"`
	ExpiresIn       int    `json:"expires_in"`
	Scope           string `json:"scope"`
	RefreshToken    string `json:"refresh_token"`
}

Response is used to decode the remote server response during an oauth2 token exchange.

func ExchangeToken ¶

func ExchangeToken(ctx context.Context, endpoint string, request *TokenExchangeRequest, authentication ClientAuthentication, headers http.Header, options map[string]any) (*Response, error)

ExchangeToken performs an oauth2 token exchange with the provided endpoint. The first 4 fields are all mandatory. headers can be used to pass additional headers beyond the bare minimum required by the token exchange. options can be used to pass additional JSON-structured options to the remote server.

func RefreshAccessToken ¶

func RefreshAccessToken(ctx context.Context, endpoint string, refreshToken string, authentication ClientAuthentication, headers http.Header) (*Response, error)

type TokenExchangeRequest ¶

type TokenExchangeRequest struct {
	ActingParty struct {
		ActorToken     string
		ActorTokenType string
	}
	GrantType          string
	Resource           string
	Audience           string
	Scope              []string
	RequestedTokenType string
	SubjectToken       string
	SubjectTokenType   string
}

TokenExchangeRequest contains fields necessary to make an oauth2 token exchange.

Source Files ¶

clientauth.go sts_exchange.go