Auth returns the OAuth 2.0 authentication url.
()
| 1196 | |
| 1197 | // Auth returns the OAuth 2.0 authentication url. |
| 1198 | func (o *oauth) Auth() (string, error) { |
| 1199 | u, err := url.Parse(o.authzEndpoint) |
| 1200 | if err != nil { |
| 1201 | return "", errors.WithStack(err) |
| 1202 | } |
| 1203 | |
| 1204 | q := u.Query() |
| 1205 | q.Add("client_id", o.clientID) |
| 1206 | q.Add("redirect_uri", o.redirectURI) |
| 1207 | if o.implicit { |
| 1208 | q.Add("response_type", "id_token token") |
| 1209 | } else { |
| 1210 | q.Add("response_type", "code") |
| 1211 | q.Add("code_challenge_method", "S256") |
| 1212 | s256 := sha256.Sum256([]byte(o.codeChallenge)) |
| 1213 | q.Add("code_challenge", base64.RawURLEncoding.EncodeToString(s256[:])) |
| 1214 | } |
| 1215 | q.Add("scope", o.scope) |
| 1216 | if o.prompt != "" { |
| 1217 | q.Add("prompt", o.prompt) |
| 1218 | } |
| 1219 | q.Add("state", o.state) |
| 1220 | q.Add("nonce", o.nonce) |
| 1221 | if o.loginHint != "" { |
| 1222 | q.Add("login_hint", o.loginHint) |
| 1223 | } |
| 1224 | for k, vs := range o.authParams { |
| 1225 | for _, v := range vs { |
| 1226 | q.Add(k, v) |
| 1227 | } |
| 1228 | } |
| 1229 | u.RawQuery = q.Encode() |
| 1230 | return u.String(), nil |
| 1231 | } |
| 1232 | |
| 1233 | // Exchange exchanges the authorization code for refresh and access tokens. |
| 1234 | func (o *oauth) Exchange(tokenEndpoint, code string) (*token, error) { |
no test coverage detected