import "golang.org/x/oauth2/internal"
Package internal contains support packages for oauth2 package.
func ContextClient(ctx context.Context) *http.Client
func ParseKey(key []byte) (*rsa.PrivateKey, error)
ParseKey converts the binary contents of a private key file to an *rsa.PrivateKey. It detects whether the private key is in a PEM container or not. If so, it extracts the private key from PEM container before conversion. It only supports PEM containers with no passphrase.
func RegisterBrokenAuthHeaderProvider(tokenURL string)
RegisterBrokenAuthHeaderProvider previously did something. It is now a no-op.
Deprecated: this function no longer does anything. Caller code that wants to avoid potential extra HTTP requests made during auto-probing of the provider's auth style should set Endpoint.AuthStyle.
type AuthStyle int
AuthStyle is a copy of the golang.org/x/oauth2 package's AuthStyle type.
const ( AuthStyleUnknown AuthStyle = 0 AuthStyleInParams AuthStyle = 1 AuthStyleInHeader AuthStyle = 2 )
type AuthStyleCache struct { // contains filtered or unexported fields }
AuthStyleCache is the set of tokenURLs we've successfully used via RetrieveToken and which style auth we ended up using. It's called a cache, but it doesn't (yet?) shrink. It's expected that the set of OAuth2 servers a program contacts over time is fixed and small.
type ContextKey struct{}
ContextKey is just an empty struct. It exists so HTTPClient can be an immutable public variable with a unique type. It's immutable because nobody else can create a ContextKey, being unexported.
var HTTPClient ContextKey
HTTPClient is the context key to use with golang.org/x/net/context's WithValue function to associate an *http.Client value with a context.
type LazyAuthStyleCache struct { // contains filtered or unexported fields }
LazyAuthStyleCache is a backwards compatibility compromise to let Configs have a lazily-initialized AuthStyleCache.
The two users of this, oauth2.Config and oauth2/clientcredentials.Config, both would ideally just embed an unexported AuthStyleCache but because both were historically allowed to be copied by value we can't retroactively add an uncopyable Mutex to them.
We could use an atomic.Pointer, but that was added recently enough (in Go 1.18) that we'd break Go 1.17 users where the tests as of 2023-08-03 still pass. By using an atomic.Value, it supports both Go 1.17 and copying by value, even if that's not ideal.
func (lc *LazyAuthStyleCache) Get() *AuthStyleCache
type RetrieveError struct { Response *http.Response Body []byte ErrorCode string ErrorDescription string ErrorURI string }
mirrors oauth2.RetrieveError
func (r *RetrieveError) Error() string
type Token struct { // AccessToken is the token that authorizes and authenticates // the requests. AccessToken string // TokenType is the type of token. // The Type method returns either this or "Bearer", the default. TokenType string // RefreshToken is a token that's used by the application // (as opposed to the user) to refresh the access token // if it expires. RefreshToken string // Expiry is the optional expiration time of the access token. // // If zero, TokenSource implementations will reuse the same // token forever and RefreshToken or equivalent // mechanisms for that TokenSource will not be used. Expiry time.Time // Raw optionally contains extra metadata from the server // when updating a token. Raw interface{} }
Token represents the credentials used to authorize the requests to access protected resources on the OAuth 2.0 provider's backend.
This type is a mirror of oauth2.Token and exists to break an otherwise-circular dependency. Other internal packages should convert this Token into an oauth2.Token before use.
func RetrieveToken(ctx context.Context, clientID, clientSecret, tokenURL string, v url.Values, authStyle AuthStyle, styleCache *AuthStyleCache) (*Token, error)