74 lines
2.5 KiB
Go
74 lines
2.5 KiB
Go
package auth
|
||
|
||
import (
|
||
"encoding/json"
|
||
"net/url"
|
||
|
||
"github.com/google/go-querystring/query"
|
||
)
|
||
|
||
type Claim string
|
||
|
||
const (
|
||
// The email address of the user that authorized the app.
|
||
Email Claim = "email"
|
||
|
||
// A Boolean value that indicates whether Twitch has verified the user’s email address. Is true if Twitch has verified the user’s email address.
|
||
EmailVerified Claim = "email_verified"
|
||
|
||
// A URL to the user’s profile image if they included one; otherwise, a default image.
|
||
Picture Claim = "picture"
|
||
|
||
// The user’s display name.
|
||
PreferredUsername Claim = "preferred_username"
|
||
|
||
// The date and time that the user last updated their profile.
|
||
UpdatedAt Claim = "updated_at"
|
||
)
|
||
|
||
// Claims identify information about the user that authorized your app.
|
||
//
|
||
// To include the non-default claims, include the claims query parameter in your /authorize request.
|
||
// Set the claims query parameter to a string-encoded JSON object. The JSON object may contain the id_token and userinfo fields.
|
||
// Set id_token field to an object that specifies the claims that you want to include in the ID token,
|
||
// and set the userinfo field to an object that specifies the claims that you want to retrieve using the UserInfo endpoint.
|
||
// Each claim is a name/value pair, where name is the claim (e.g., email) and value is null.
|
||
//
|
||
// You may specify the claims in the id_tokenfield or the userinfo field or both fields.
|
||
// There are no uniqueness constraints — you may specify the same claim in both fields.
|
||
// The following claims object tells the server to include the user’s email and email
|
||
// verification state in the ID token and make the user’s profile image available through the UserInfo endpoint.
|
||
//
|
||
// {
|
||
// "id_token": {
|
||
// "email": null,
|
||
// "email_verified": null
|
||
// },
|
||
// "userinfo": {
|
||
// "picture": null
|
||
// }
|
||
// }
|
||
//
|
||
// The following example shows the claims query parameter set to the above claims object.
|
||
//
|
||
// claims={"id_token":{"email":null,"email_verified":null},"userinfo":{"picture":null}}
|
||
//
|
||
// NOTE If you specify the email or email_verified claims, you must include the user:read:email scope in your list of scopes.
|
||
type Claims struct {
|
||
IDToken map[Claim]any `json:"id_token"`
|
||
UserInfo map[Claim]any `json:"user_info"`
|
||
}
|
||
|
||
var _ query.Encoder = (*Claims)(nil)
|
||
|
||
// EncodeValues implements query.Encoder.
|
||
func (c *Claims) EncodeValues(key string, v *url.Values) error {
|
||
data, err := json.Marshal(c)
|
||
if err != nil {
|
||
return err
|
||
}
|
||
|
||
v.Set(key, string(data))
|
||
return nil
|
||
}
|