func ContextClient(ctx context.Context) *http.Client
func ParseKey(key []byte) (*rsa.PrivateKey, error)
ParseKey converts the binary contents of a private key file to an *rsa.PrivateKey. It detects whether the private key is in a PEM container or not. If so, it extracts the private key from PEM container before conversion. It only supports PEM containers with no passphrase.
func RegisterBrokenAuthHeaderProvider(tokenURL string)
RegisterBrokenAuthHeaderProvider previously did something. It is now a no-op.
Deprecated: this function no longer does anything. Caller code that wants to avoid potential extra HTTP requests made during auto-probing of the provider's auth style should set Endpoint.AuthStyle.
AuthStyle is a copy of the golang.org/x/oauth2 package's AuthStyle type.
type AuthStyle int
const (
AuthStyleUnknown AuthStyle = 0
AuthStyleInParams AuthStyle = 1
AuthStyleInHeader AuthStyle = 2
)
AuthStyleCache is the set of tokenURLs we've successfully used via RetrieveToken and which style auth we ended up using. It's called a cache, but it doesn't (yet?) shrink. It's expected that the set of OAuth2 servers a program contacts over time is fixed and small.
type AuthStyleCache struct {
// contains filtered or unexported fields
}
ContextKey is just an empty struct. It exists so HTTPClient can be an immutable public variable with a unique type. It's immutable because nobody else can create a ContextKey, being unexported.
type ContextKey struct{}
HTTPClient is the context key to use with golang.org/x/net/context's WithValue function to associate an *http.Client value with a context.
var HTTPClient ContextKey
LazyAuthStyleCache is a backwards compatibility compromise to let Configs have a lazily-initialized AuthStyleCache.
The two users of this, oauth2.Config and oauth2/clientcredentials.Config, both would ideally just embed an unexported AuthStyleCache but because both were historically allowed to be copied by value we can't retroactively add an uncopyable Mutex to them.
We could use an atomic.Pointer, but that was added recently enough (in Go 1.18) that we'd break Go 1.17 users where the tests as of 2023-08-03 still pass. By using an atomic.Value, it supports both Go 1.17 and copying by value, even if that's not ideal.
type LazyAuthStyleCache struct {
// contains filtered or unexported fields
}
func (lc *LazyAuthStyleCache) Get() *AuthStyleCache
mirrors oauth2.RetrieveError
type RetrieveError struct {
Response *http.Response
Body []byte
ErrorCode string
ErrorDescription string
ErrorURI string
}
func (r *RetrieveError) Error() string
Token represents the credentials used to authorize the requests to access protected resources on the OAuth 2.0 provider's backend.
This type is a mirror of oauth2.Token and exists to break an otherwise-circular dependency. Other internal packages should convert this Token into an oauth2.Token before use.
type Token struct {
// AccessToken is the token that authorizes and authenticates
// the requests.
AccessToken string
// TokenType is the type of token.
// The Type method returns either this or "Bearer", the default.
TokenType string
// RefreshToken is a token that's used by the application
// (as opposed to the user) to refresh the access token
// if it expires.
RefreshToken string
// Expiry is the optional expiration time of the access token.
//
// If zero, TokenSource implementations will reuse the same
// token forever and RefreshToken or equivalent
// mechanisms for that TokenSource will not be used.
Expiry time.Time
// Raw optionally contains extra metadata from the server
// when updating a token.
Raw interface{}
}
func RetrieveToken(ctx context.Context, clientID, clientSecret, tokenURL string, v url.Values, authStyle AuthStyle, styleCache *AuthStyleCache) (*Token, error)