package oauth2

import "k8s.io/kubernetes/Godeps/_workspace/src/github.com/coreos/go-oidc/oauth2"

Index

Constants 

const (
	ErrorAccessDenied            = "access_denied"
	ErrorInvalidClient           = "invalid_client"
	ErrorInvalidGrant            = "invalid_grant"
	ErrorInvalidRequest          = "invalid_request"
	ErrorServerError             = "server_error"
	ErrorUnauthorizedClient      = "unauthorized_client"
	ErrorUnsupportedGrantType    = "unsupported_grant_type"
	ErrorUnsupportedResponseType = "unsupported_response_type"
)
const (
	GrantTypeAuthCode     = "authorization_code"
	GrantTypeClientCreds  = "client_credentials"
	GrantTypeImplicit     = "implicit"
	GrantTypeRefreshToken = "refresh_token"

	AuthMethodClientSecretPost  = "client_secret_post"
	AuthMethodClientSecretBasic = "client_secret_basic"
	AuthMethodClientSecretJWT   = "client_secret_jwt"
	AuthMethodPrivateKeyJWT     = "private_key_jwt"
)
const (
	ResponseTypeCode = "code"
)

Types

type AuthCodeRequest 

type AuthCodeRequest struct {
	ResponseType string
	ClientID     string
	RedirectURL  *url.URL
	Scope        []string
	State        string
}

func ParseAuthCodeRequest 

func ParseAuthCodeRequest(q url.Values) (AuthCodeRequest, error)

type Client 

type Client struct {
	// contains filtered or unexported fields
}

func NewClient 

func NewClient(hc phttp.Client, cfg Config) (c *Client, err error)

func (*Client) AuthCodeURL 

func (c *Client) AuthCodeURL(state, accessType, prompt string) string

Generate the url for initial redirect to oauth provider.

func (*Client) ClientCredsToken 

func (c *Client) ClientCredsToken(scope []string) (result TokenResponse, err error)

ClientCredsToken posts the client id and secret to obtain a token scoped to the OAuth2 client via the "client_credentials" grant type. May not be supported by all OAuth2 servers.

func (*Client) RequestToken 

func (c *Client) RequestToken(grantType, value string) (result TokenResponse, err error)

RequestToken requests a token from the Token Endpoint with the specified grantType. If 'grantType' == GrantTypeAuthCode, then 'value' should be the authorization code. If 'grantType' == GrantTypeRefreshToken, then 'value' should be the refresh token.

type ClientCredentials 

type ClientCredentials struct {
	ID     string
	Secret string
}

type Config 

type Config struct {
	Credentials ClientCredentials
	Scope       []string
	RedirectURL string
	AuthURL     string
	TokenURL    string

	// Must be one of the AuthMethodXXX methods above. Right now, only
	// AuthMethodClientSecretPost and AuthMethodClientSecretBasic are supported.
	AuthMethod string
}

type Error 

type Error struct {
	Type  string `json:"error"`
	State string `json:"state,omitempty"`
}

func NewError 

func NewError(typ string) *Error

func (*Error) Error 

func (e *Error) Error() string

type TokenResponse 

type TokenResponse struct {
	AccessToken  string
	TokenType    string
	Expires      int
	IDToken      string
	RefreshToken string // OPTIONAL.
	Scope        string // OPTIONAL, if identical to the scope requested by the client, otherwise, REQUIRED.
	RawBody      []byte // In case callers need some other non-standard info from the token response
}

Source Files

error.go oauth2.go

Version
v1.1.9-beta.0
Published
Feb 23, 2016
Platform
linux/amd64
Imports
10 packages
Last checked
34 seconds ago

Tools for package owners.