idtoken
package
This package is not in the latest version of its module.
Details
Validgo.mod file
The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
- Redistributable license
Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
- Tagged version
Modules with tagged versions give importers more predictable builds.
Stable versionWhen a project reaches major version v1 it is considered stable.
- Learn more about best practices
Repository
Links
Open Source Insights
Documentation¶
Overview¶
Package idtoken provides utilities for creating authenticated transports withID Tokens for Google HTTP APIs. It also provides methods to validate Googleissued ID tokens.
Index¶
Examples¶
Constants¶
This section is empty.
Variables¶
This section is empty.
Functions¶
funcNewClient¶
NewClient creates a HTTP Client that automatically adds an ID token to eachrequest via an Authorization header. The token will have the audienceprovided and be configured with the supplied options. The parameter audiencemay not be empty.
funcNewTokenSource¶
func NewTokenSource(ctxcontext.Context, audiencestring, opts ...ClientOption) (oauth2.TokenSource,error)
NewTokenSource creates a TokenSource that returns ID tokens with the audienceprovided and configured with the supplied options. The parameter audience maynot be empty.
Example (SetAuthorizationHeader)¶
package mainimport ("context""net/http""google.golang.org/api/idtoken")func main() {ctx := context.Background()audience := "http://example.com"ts, err := idtoken.NewTokenSource(ctx, audience)if err != nil {// TODO: Handle error.}token, err := ts.Token()if err != nil {// TODO: Handle error.}req, err := http.NewRequest(http.MethodGet, audience, nil)if err != nil {// TODO: Handle error.}token.SetAuthHeader(req)}Types¶
typeClientOption¶
type ClientOption =option.ClientOption
ClientOption is for configuring a Google API client or transport.
funcWithCredentialsFile¶
func WithCredentialsFile(filenamestring)ClientOption
WithCredentialsFile returns a ClientOption that authenticatesAPI calls with the given service account or refresh token JSONcredentials file.
funcWithCredentialsJSON¶
func WithCredentialsJSON(p []byte)ClientOption
WithCredentialsJSON returns a ClientOption that authenticatesAPI calls with the given service account or refresh token JSONcredentials.
funcWithCustomClaims¶
func WithCustomClaims(customClaims map[string]interface{})ClientOption
WithCustomClaims optionally specifies custom private claims for an ID token.
funcWithHTTPClient¶
func WithHTTPClient(client *http.Client)ClientOption
WithHTTPClient returns a ClientOption that specifies the HTTP client to useas the basis of communications. This option may only be used with servicesthat support HTTP as their communication transport. When used, theWithHTTPClient option takes precedent over all other supplied options.
typePayload¶
type Payload struct {Issuerstring `json:"iss"`Audiencestring `json:"aud"`Expiresint64 `json:"exp"`IssuedAtint64 `json:"iat"`Subjectstring `json:"sub,omitempty"`Claims map[string]interface{} `json:"-"`}Payload represents a decoded payload of an ID Token.
funcParsePayload¶added inv0.141.0
ParsePayload parses the given token and returns its payload.
Warning: This function does not validate the token prior to parsing it.
ParsePayload is primarily meant to be used to inspect a token's payload. This isuseful when validation fails and the payload needs to be inspected.
Note: A successful Validate() invocation with the same token will return anidentical payload.
typeValidator¶
type Validator struct {// contains filtered or unexported fields}Validator provides a way to validate Google ID Tokens with a user providedhttp.Client.
funcNewValidator¶
func NewValidator(ctxcontext.Context, opts ...ClientOption) (*Validator,error)
NewValidator creates a Validator that uses the options provided to configurea the internal http.Client that will be used to make requests to fetch JWKs.
Source Files