74 lines
2.5 KiB
Go
74 lines
2.5 KiB
Go
|
package auth
|
|||
|
|
|
|||
|
|
import (
|
|||
|
|
"encoding/json"
|
|||
|
|
"net/url"
|
|||
|
|
|
|||
|
|
"github.com/google/go-querystring/query"
|
|||
|
|
)
|
|||
|
|
|
|||
|
|
type Claim string
|
|||
|
|
|
|||
|
|
const (
|
|||
|
|
// The email address of the user that authorized the app.
|
|||
|
|
Email Claim = "email"
|
|||
|
|
|
|||
|
|
// A Boolean value that indicates whether Twitch has verified the user’s email address. Is true if Twitch has verified the user’s email address.
|
|||
|
|
EmailVerified Claim = "email_verified"
|
|||
|
|
|
|||
|
|
// A URL to the user’s profile image if they included one; otherwise, a default image.
|
|||
|
|
Picture Claim = "picture"
|
|||
|
|
|
|||
|
|
// The user’s display name.
|
|||
|
|
PreferredUsername Claim = "preferred_username"
|
|||
|
|
|
|||
|
|
// The date and time that the user last updated their profile.
|
|||
|
|
UpdatedAt Claim = "updated_at"
|
|||
|
|
)
|
|||
|
|
|
|||
|
|
// Claims identify information about the user that authorized your app.
|
|||
|
|
//
|
|||
|
|
// To include the non-default claims, include the claims query parameter in your /authorize request.
|
|||
|
|
// Set the claims query parameter to a string-encoded JSON object. The JSON object may contain the id_token and userinfo fields.
|
|||
|
|
// Set id_token field to an object that specifies the claims that you want to include in the ID token,
|
|||
|
|
// and set the userinfo field to an object that specifies the claims that you want to retrieve using the UserInfo endpoint.
|
|||
|
|
// Each claim is a name/value pair, where name is the claim (e.g., email) and value is null.
|
|||
|
|
//
|
|||
|
|
// You may specify the claims in the id_tokenfield or the userinfo field or both fields.
|
|||
|
|
// There are no uniqueness constraints — you may specify the same claim in both fields.
|
|||
|
|
// The following claims object tells the server to include the user’s email and email
|
|||
|
|
// verification state in the ID token and make the user’s profile image available through the UserInfo endpoint.
|
|||
|
|
//
|
|||
|
|
// {
|
|||
|
|
// "id_token": {
|
|||
|
|
// "email": null,
|
|||
|
|
// "email_verified": null
|
|||
|
|
// },
|
|||
|
|
// "userinfo": {
|
|||
|
|
// "picture": null
|
|||
|
|
// }
|
|||
|
|
// }
|
|||
|
|
//
|
|||
|
|
// The following example shows the claims query parameter set to the above claims object.
|
|||
|
|
//
|
|||
|
|
// claims={"id_token":{"email":null,"email_verified":null},"userinfo":{"picture":null}}
|
|||
|
|
//
|
|||
|
|
// NOTE If you specify the email or email_verified claims, you must include the user:read:email scope in your list of scopes.
|
|||
|
|
type Claims struct {
|
|||
|
|
IDToken map[Claim]any `json:"id_token"`
|
|||
|
|
UserInfo map[Claim]any `json:"user_info"`
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
var _ query.Encoder = (*Claims)(nil)
|
|||
|
|
|
|||
|
|
// EncodeValues implements query.Encoder.
|
|||
|
|
func (c *Claims) EncodeValues(key string, v *url.Values) error {
|
|||
|
|
data, err := json.Marshal(c)
|
|||
|
|
if err != nil {
|
|||
|
|
return err
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
v.Set(key, string(data))
|
|||
|
|
return nil
|
|||
|
|
}
|