rfc8628

package

v0.2.18 Latest Latest Go to latest Published: Nov 9, 2025 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/authelia/oauth2-provider

Links

Open Source Insights

Documentation ¶

Index ¶

type CodeStrategy
type DeviceAuthorizeHandler
- func (d *DeviceAuthorizeHandler) HandleRFC8628DeviceAuthorizeEndpointRequest(ctx context.Context, dar oauth2.DeviceAuthorizeRequester, ...) (err error)
type DeviceAuthorizeTokenEndpointHandler
type DeviceCodeStrategy
type DeviceCodeTokenHandler
type Storage
type UserAuthorizeHandler
- func (d *UserAuthorizeHandler) HandleRFC8628UserAuthorizeEndpointRequest(ctx context.Context, request oauth2.DeviceAuthorizeRequester) (err error)
- func (d *UserAuthorizeHandler) PopulateRFC8628UserAuthorizeEndpointResponse(ctx context.Context, request oauth2.DeviceAuthorizeRequester, ...) (err error)
type UserCodeStrategy

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type CodeStrategy ¶

type CodeStrategy interface {
	DeviceCodeStrategy
	UserCodeStrategy
}

type DeviceAuthorizeHandler ¶

type DeviceAuthorizeHandler struct {
	Storage  Storage
	Strategy CodeStrategy
	Config   interface {
		oauth2.RFC9628DeviceAuthorizeConfigProvider
	}
}

DeviceAuthorizeHandler implements the Device Authorization Grant Flow's relying party interactions as defined in RFC8638 Section 3.1 and Section 3.2.

See: https://tools.ietf.org/html/rfc8628#section-3.1 and https://tools.ietf.org/html/rfc8628#section-3.2

func (*DeviceAuthorizeHandler) HandleRFC8628DeviceAuthorizeEndpointRequest ¶

func (d *DeviceAuthorizeHandler) HandleRFC8628DeviceAuthorizeEndpointRequest(ctx context.Context, dar oauth2.DeviceAuthorizeRequester, resp oauth2.DeviceAuthorizeResponder) (err error)

HandleRFC8628DeviceAuthorizeEndpointRequest implements the Device Authorization Grant Flow's relying party Device Authorization Request and Device Authorization Response as defined in RFC8638 Section 3.1 and Section 3.2.

See: https://tools.ietf.org/html/rfc8628#section-3.1 and https://tools.ietf.org/html/rfc8628#section-3.2

type DeviceAuthorizeTokenEndpointHandler ¶

type DeviceAuthorizeTokenEndpointHandler struct {
	hoauth2.GenericCodeTokenEndpointHandler
}

type DeviceCodeStrategy ¶

type DeviceCodeStrategy interface {
	RFC8628DeviceCodeSignature(ctx context.Context, code string) (signature string, err error)
	GenerateRFC8628DeviceCode(ctx context.Context) (code string, signature string, err error)
	ValidateRFC8628DeviceCode(ctx context.Context, r oauth2.Requester, code string) (err error)
}

type DeviceCodeTokenHandler ¶

type DeviceCodeTokenHandler struct {
	Storage  Storage
	Strategy CodeStrategy
	Config   interface {
		oauth2.RFC9628DeviceAuthorizeConfigProvider
	}
}

DeviceCodeTokenHandler is a response handler for the Device Code introduced in the Device Authorize Grant as defined in https://www.rfc-editor.org/rfc/rfc8628

func (*DeviceCodeTokenHandler) CanHandleTokenEndpointRequest ¶

func (c *DeviceCodeTokenHandler) CanHandleTokenEndpointRequest(_ context.Context, requester oauth2.AccessRequester) (handle bool)

func (*DeviceCodeTokenHandler) CanSkipClientAuth ¶

func (c *DeviceCodeTokenHandler) CanSkipClientAuth(_ context.Context, _ oauth2.AccessRequester) (skip bool)

func (*DeviceCodeTokenHandler) DeviceCodeSignature ¶

func (c *DeviceCodeTokenHandler) DeviceCodeSignature(ctx context.Context, code string) (signature string, err error)

func (*DeviceCodeTokenHandler) GetCodeAndSession ¶

func (c *DeviceCodeTokenHandler) GetCodeAndSession(ctx context.Context, requester oauth2.AccessRequester) (code string, signature string, r oauth2.Requester, err error)

func (*DeviceCodeTokenHandler) InvalidateSession ¶

func (c *DeviceCodeTokenHandler) InvalidateSession(ctx context.Context, signature string, requester oauth2.Requester) (err error)

func (*DeviceCodeTokenHandler) UpdateLastChecked ¶

func (c *DeviceCodeTokenHandler) UpdateLastChecked(ctx context.Context, requester oauth2.AccessRequester, authorizeRequest oauth2.Requester) (err error)

func (*DeviceCodeTokenHandler) ValidateCodeAndSession ¶

func (c *DeviceCodeTokenHandler) ValidateCodeAndSession(ctx context.Context, _ oauth2.AccessRequester, authorizeRequest oauth2.Requester, code string) (err error)

func (*DeviceCodeTokenHandler) ValidateGrantTypes ¶

func (c *DeviceCodeTokenHandler) ValidateGrantTypes(_ context.Context, requester oauth2.AccessRequester) (err error)

type Storage ¶

type Storage interface {
	// CreateDeviceCodeSession stores the device request for a given device code.
	CreateDeviceCodeSession(ctx context.Context, signature string, request oauth2.DeviceAuthorizeRequester) (err error)

	// UpdateDeviceCodeSession update in store the device code session for a given device code.
	UpdateDeviceCodeSession(ctx context.Context, signature string, request oauth2.DeviceAuthorizeRequester) (err error)

	// GetDeviceCodeSession hydrates the session based on the given device code and returns the device request.
	// If the device code has been invalidated with `InvalidateDeviceCodeSession`, this method should return
	// the oauth2.ErrInvalidatedDeviceCode error.
	//
	// Make sure to also return the oauth2.Requester value when returning the oauth2.ErrInvalidatedDeviceCode error.
	GetDeviceCodeSession(ctx context.Context, signature string, session oauth2.Session) (request oauth2.DeviceAuthorizeRequester, err error)

	// GetDeviceCodeSessionByUserCode hydrates the session based on the given device code and returns the device request.
	// If the device code has been invalidated with `InvalidateDeviceCodeSession`, this method should return the
	// oauth2.ErrInvalidatedDeviceCode error.
	//
	// Make sure to also return the oauth2.Requester value when returning the oauth2.ErrInvalidatedDeviceCode error.
	GetDeviceCodeSessionByUserCode(ctx context.Context, signature string, session oauth2.Session) (request oauth2.DeviceAuthorizeRequester, err error)

	// InvalidateDeviceCodeSession is called when a device code is being used. The state of the user
	// code should be set to invalid and consecutive requests to GetDeviceCodeSession should return the
	// oauth2.ErrInvalidatedDeviceCode error.
	InvalidateDeviceCodeSession(ctx context.Context, signature string) (err error)
}

type UserAuthorizeHandler ¶

type UserAuthorizeHandler struct {
	Storage  Storage
	Strategy CodeStrategy
	Config   interface {
		oauth2.RFC9628DeviceAuthorizeConfigProvider
	}
}

func (*UserAuthorizeHandler) HandleRFC8628UserAuthorizeEndpointRequest ¶

func (d *UserAuthorizeHandler) HandleRFC8628UserAuthorizeEndpointRequest(ctx context.Context, request oauth2.DeviceAuthorizeRequester) (err error)

HandleRFC8628UserAuthorizeEndpointRequest implements the Device Authorization Grant Flow's resource owner / user interactions Device Authorization Response as defined in RFC8638 Section 3.5.

See: https://datatracker.ietf.org/doc/html/rfc8628#section-3.5

func (*UserAuthorizeHandler) PopulateRFC8628UserAuthorizeEndpointResponse ¶

func (d *UserAuthorizeHandler) PopulateRFC8628UserAuthorizeEndpointResponse(ctx context.Context, request oauth2.DeviceAuthorizeRequester, response oauth2.DeviceUserAuthorizeResponder) (err error)

PopulateRFC8628UserAuthorizeEndpointResponse implements the Device Authorization Grant Flow's resource owner / user interactions Device Authorization Request as defined in RFC8638 Section 3.3 and 3.4.

See: https://datatracker.ietf.org/doc/html/rfc8628#section-3.3 and https://datatracker.ietf.org/doc/html/rfc8628#section-3.4

type UserCodeStrategy ¶

type UserCodeStrategy interface {
	RFC8628UserCodeSignature(ctx context.Context, code string) (signature string, err error)
	GenerateRFC8628UserCode(ctx context.Context) (code string, signature string, err error)
	ValidateRFC8628UserCode(ctx context.Context, r oauth2.Requester, code string) (err error)
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL