github.com/1aal/kubeblocks@v0.0.0-20231107070852-e1c03e598921/pkg/cli/cmd/auth/authorize/authenticator/authenticator.go

github.com/1aal/kubeblocks@v0.0.0-20231107070852-e1c03e598921/pkg/cli/cmd/auth/authorize/authenticator/authenticator.go (about)

     1  /*
     2  Copyright (C) 2022-2023 ApeCloud Co., Ltd
     3  
     4  This file is part of KubeBlocks project
     5  
     6  This program is free software: you can redistribute it and/or modify
     7  it under the terms of the GNU Affero General Public License as published by
     8  the Free Software Foundation, either version 3 of the License, or
     9  (at your option) any later version.
    10  
    11  This program is distributed in the hope that it will be useful
    12  but WITHOUT ANY WARRANTY; without even the implied warranty of
    13  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    14  GNU Affero General Public License for more details.
    15  
    16  You should have received a copy of the GNU Affero General Public License
    17  along with this program.  If not, see <http://www.gnu.org/licenses/>.
    18  */
    19  
    20  package authenticator
    21  
    22  import (
    23  	"context"
    24  	"fmt"
    25  	"net/http"
    26  )
    27  
    28  const (
    29  	PKCE   = "pkce"
    30  	Device = "device"
    31  )
    32  
    33  type Authenticator interface {
    34  	GetAuthorization(ctx context.Context, openURLFunc func(URL string), states ...string) (interface{}, error)
    35  	GetToken(ctx context.Context, authorization interface{}) (*TokenResponse, error)
    36  	GetUserInfo(ctx context.Context, token string) (*UserInfoResponse, error)
    37  	Logout(ctx context.Context, token string, openURLFunc func(URL string)) error
    38  	RefreshToken(ctx context.Context, refreshToken string) (*TokenResponse, error)
    39  }
    40  
    41  type TokenResponse struct {
    42  	AccessToken  string `json:"access_token"`
    43  	RefreshToken string `json:"refresh_token"`
    44  	IDToken      string `json:"id_token"`
    45  	ExpiresIn    int    `json:"expires_in"`
    46  }
    47  
    48  type RefreshTokenResponse struct {
    49  	AccessToken string `json:"access_token"`
    50  	ExpiresIn   int    `json:"expires_in"`
    51  	Scope       string `json:"scope"`
    52  	IDToken     string `json:"id_token"`
    53  	TokenType   string `json:"token_type"`
    54  }
    55  
    56  type UserInfoResponse struct {
    57  	Name    string `json:"name"`
    58  	Email   string `json:"email"`
    59  	Locale  string `json:"locale"`
    60  	Subject string `json:"sub"`
    61  }
    62  
    63  func NewAuthenticator(typeAuth string, client *http.Client, clientID string, authURL string) (Authenticator, error) {
    64  	if typeAuth == PKCE {
    65  		return newPKCEAuthenticator(client, clientID, authURL)
    66  	} else if typeAuth == Device {
    67  		return newDeviceAuthenticator(client, clientID, authURL)
    68  	}
    69  	return nil, fmt.Errorf("invalid type of authentication")
    70  }