README
¶
oauthctx
This library is used to bypass golang oauth2 package token source limitations: https://github.com/golang/oauth2/issues/262
The aim ot this library is to implement only the smallest possible subset of functionality for context support. It will reuse original library as match as possible. This goal is achieved through these steps:
- Reuse basic token retrieval by adopting existing data types, which implement
Oauth2TokenConfigandOauth2TokenSourceWithContext. Seeconvert.go - Reusing high-level functions by retrieving Token through context-aware
TokenSourceand passing it to the existing implementation with the help ofoauth2.StaticTokenSourc. Seetransport.goandgrpc/credentials.go - Reimplement only a small subset like
ReuseTokenSourceortokenRefresher, which is focused and bug-free.
All configuration is provided with the option pattern (no more context.WithValue mess).
All functions, provided in this library, should be familiar to oauth2 users. If something is missing - feel free to open an issue or make a PR. I believe, that everything can be adopted by this approach. The library is already used in production.
Code examples
// grpc
package main
import (
"golang.org/x/oauth2"
"google.golang.org/grpc/credentials"
gcred "google.golang.org/grpc/credentials/google"
"github.com/TelpeNight/oauthctx"
grpcctx "github.com/TelpeNight/oauthctx/grpc"
)
var conf = oauthctx.NewConfig(&oauth2.Config{
//...
})
var refreshToken string = "..."
ts := conf.TokenSource(
&oauth2.Token{RefreshToken: refreshToken},
// custom http.Client can be provided with option
oauthctx.TokenSourceWithClient(...))
ts = oauthctx.ReuseTokenSource(nil, ts)
var bundle credentials.Bundle = gcred.NewDefaultCredentialsWithOptions(
gcred.DefaultCredentialsOptions{
PerRPCCreds: &grpcctx.TokenSource{
TokenSource: ts,
},
},
)
// use bundle to create a client. methods' context will be passed to oauth2, so overall call will respect timeouts
Documentation
¶
Index ¶
- func NewClient(src TokenSource, ops ...ClientOp) *http.Client
- func Oauth2ContextClient(ctx context.Context) *http.Client
- func WithExpiredToken(ctx context.Context) context.Context
- type ClientCredentials
- func (c *ClientCredentials) Client(ops ...RequestFlowOp) *http.Client
- func (c *ClientCredentials) Token(ctx context.Context) (*oauth2.Token, error)
- func (c *ClientCredentials) TokenSource(ops ...TokenSourceOp) TokenSource
- func (c *ClientCredentials) TokenWithOptions(ctx context.Context, ops ...TokenSourceOp) (*oauth2.Token, error)
- type ClientOp
- type Config
- type NewOauth2Token
- type NewOauth2TokenSource
- type Oauth2TokenConfig
- type Oauth2TokenSourceWithContext
- type RequestFlowConfig
- type RequestFlowOp
- type TokenSource
- type TokenSourceConfig
- type TokenSourceOp
- type Transport
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewClient ¶
func NewClient(src TokenSource, ops ...ClientOp) *http.Client
NewClient creates an *http.Client from TokenSource.
func Oauth2ContextClient ¶
Oauth2ContextClient is a helper function to get oauth2.HTTPClient. Returns nil on missing value
Types ¶
type ClientCredentials ¶
type ClientCredentials struct{ *clientcredentials.Config }
ClientCredentials describes a 2-legged OAuth2 flow, with both the client application information and the server's endpoint URLs.
func NewClientCredentials ¶
func NewClientCredentials(cfg *clientcredentials.Config) *ClientCredentials
NewClientCredentials creates new ClientCredentials
func (*ClientCredentials) Client ¶
func (c *ClientCredentials) Client(ops ...RequestFlowOp) *http.Client
Client returns an HTTP client using the provided token. The token will auto-refresh as necessary.
The provided options control which HTTP client is used.
The returned Client and its Transport should not be modified.
func (*ClientCredentials) TokenSource ¶
func (c *ClientCredentials) TokenSource(ops ...TokenSourceOp) TokenSource
TokenSource returns a TokenSource that returns t until t expires, automatically refreshing it as necessary using the provided options and the client ID and client secret.
Most users will use Config.Client instead.
func (*ClientCredentials) TokenWithOptions ¶
func (c *ClientCredentials) TokenWithOptions(ctx context.Context, ops ...TokenSourceOp) (*oauth2.Token, error)
TokenWithOptions uses client credentials to retrieve a token.
The provided options optionally controls which HTTP client is used.
type ClientOp ¶
type ClientOp func(o *clientOp)
ClientOp is an option for NewClient
func ClientWithRequestClient ¶
ClientWithRequestClient is an option for underlying request client
type Config ¶
Config describes a typical 3-legged OAuth2 flow, with both the client application information and the server's endpoint URLs. For the client credentials 2-legged OAuth2 flow, see the ClientCredentials.
func (*Config) Client ¶
Client returns an HTTP client using the provided token. The token will auto-refresh as necessary. The underlying HTTP transport will be obtained from options. The returned client and its Transport should not be modified.
func (*Config) TokenSource ¶
func (c *Config) TokenSource(t *oauth2.Token, ops ...TokenSourceOp) TokenSource
TokenSource returns a TokenSource that returns t until t expires, automatically refreshing it as necessary.
Most users will use Config.Client instead.
type NewOauth2Token ¶
NewOauth2Token is a factory func, which implements Oauth2TokenSourceWithContext
type NewOauth2TokenSource ¶
type NewOauth2TokenSource func(ctx context.Context) oauth2.TokenSource
NewOauth2TokenSource is a factory func, which implements Oauth2TokenConfig
func (NewOauth2TokenSource) TokenSource ¶
func (n NewOauth2TokenSource) TokenSource(ctx context.Context) oauth2.TokenSource
TokenSource implements Oauth2TokenConfig
type Oauth2TokenConfig ¶
type Oauth2TokenConfig interface {
TokenSource(ctx context.Context) oauth2.TokenSource
}
Oauth2TokenConfig is an interface, implemented by some oauth2 types (usually configs), that can be adopted by this library
type Oauth2TokenSourceWithContext ¶
Oauth2TokenSourceWithContext is an interface, implemented by some oauth2 types like clientcredentials.Config, that can be adopted by this library
type RequestFlowConfig ¶
type RequestFlowConfig struct {
// contains filtered or unexported fields
}
RequestFlowConfig is configuration for oauth2 request flow.
Currently, provides optional http clients
func NewRequestFlowConfig ¶
func NewRequestFlowConfig(ops ...RequestFlowOp) *RequestFlowConfig
NewRequestFlowConfig creates RequestFlowConfig from RequestFlowOp. nil is a valid RequestFlowConfig
func (*RequestFlowConfig) ClientOps ¶
func (o *RequestFlowConfig) ClientOps() []ClientOp
ClientOps creates options for functions like NewClient
func (*RequestFlowConfig) TokenSourceOps ¶
func (o *RequestFlowConfig) TokenSourceOps() []TokenSourceOp
TokenSourceOps creates options for functions like Config.TokenSource
type RequestFlowOp ¶
type RequestFlowOp func(o *RequestFlowConfig)
RequestFlowOp is generic option for whole oauth2 flow
func RequestFlowWithClient ¶
func RequestFlowWithClient(client *http.Client) RequestFlowOp
RequestFlowWithClient is an option for both token and request clients
func RequestFlowWithRequestClient ¶
func RequestFlowWithRequestClient(client *http.Client) RequestFlowOp
RequestFlowWithRequestClient is an option for request client
func RequestFlowWithTokenClient ¶
func RequestFlowWithTokenClient(client *http.Client) RequestFlowOp
RequestFlowWithTokenClient is an option for token client
type TokenSource ¶
TokenSource is a core interface for context-aware logic
func AdoptTokenConfig ¶
func AdoptTokenConfig(src Oauth2TokenConfig, ops ...TokenSourceOp) TokenSource
AdoptTokenConfig converts Oauth2TokenConfig to TokenSource
func AdoptTokenSourceWithContext ¶
func AdoptTokenSourceWithContext(src Oauth2TokenSourceWithContext, ops ...TokenSourceOp) TokenSource
AdoptTokenSourceWithContext converts Oauth2TokenSourceWithContext to TokenSource
func ReuseTokenSource ¶
func ReuseTokenSource(t *oauth2.Token, src TokenSource) TokenSource
ReuseTokenSource returns a TokenSource which repeatedly returns the same token as long as it's valid, starting with t. When its cached token is invalid, a new token is obtained from src.
type TokenSourceConfig ¶
type TokenSourceConfig struct {
// contains filtered or unexported fields
}
TokenSourceConfig is a config for TokenSource.
Currently, provides only optional http client.
func NewTokenSourceConfig ¶
func NewTokenSourceConfig(ops ...TokenSourceOp) *TokenSourceConfig
NewTokenSourceConfig creates TokenSourceConfig from TokenSourceOp. nil is a valid TokenSourceConfig
func (*TokenSourceConfig) GetOptionalClient ¶
func (o *TokenSourceConfig) GetOptionalClient() *http.Client
GetOptionalClient returns http client or nil
func (*TokenSourceConfig) WithOauth2HTTPClient ¶
func (o *TokenSourceConfig) WithOauth2HTTPClient(ctx context.Context) context.Context
WithOauth2HTTPClient is used to set oauth2.HTTPClient to context
type TokenSourceOp ¶
type TokenSourceOp func(o *TokenSourceConfig)
TokenSourceOp is an option for TokenSource
func TokenSourceWithClient ¶
func TokenSourceWithClient(client *http.Client) TokenSourceOp
TokenSourceWithClient is an option for token client
type Transport ¶
type Transport struct {
// Source supplies the token to add to outgoing requests'
// Authorization headers.
Source TokenSource
// Base is the base RoundTripper used to make HTTP requests.
// If nil, http.DefaultTransport is used.
Base http.RoundTripper
}
Transport is a http.RoundTripper that makes OAuth 2.0 HTTP requests, wrapping a base RoundTripper and adding an Authorization header with a token from the supplied Sources.
Transport is a low-level mechanism. Most code will use the higher-level NewClient function instead.
Source Files
Directories