Documentation ¶
Index ¶
- Constants
- func Authorize(secretKey string, formatter TokenSecureFormatter) gin.HandlerFunc
- func CheckBasicAuthentication(username, password string, ctx *gin.Context) error
- func Fail(c *gin.Context, code, message interface{})
- func GetBasicAuthentication(ctx *gin.Context) (username, password string, err error)
- func Successful(c *gin.Context, data interface{})
- type Any
- type AuthorizationCodeVerifier
- type BearerAuthentication
- type CredentialsVerifier
- type OAuthBearerServer
- func (s *OAuthBearerServer) AuthAccessToken(ctx *gin.Context)
- func (s *OAuthBearerServer) AuthRefreshToken(ctx *gin.Context)
- func (s *OAuthBearerServer) AuthorizationCode(ctx *gin.Context)
- func (s *OAuthBearerServer) Authorize(ctx *gin.Context)
- func (s *OAuthBearerServer) ClientCredentials(ctx *gin.Context)
- func (s *OAuthBearerServer) UserCredentials(ctx *gin.Context)
- type RC4TokenSecureFormatter
- type RefreshToken
- type SHA256RC4TokenSecureFormatter
- type Token
- type TokenProvider
- func (tp *TokenProvider) CryptRefreshToken(t *RefreshToken) (token string, err error)
- func (tp *TokenProvider) CryptToken(t *Token) (token string, err error)
- func (tp *TokenProvider) DecryptRefreshTokens(refreshToken string) (refresh *RefreshToken, err error)
- func (tp *TokenProvider) DecryptToken(token string) (t *Token, err error)
- type TokenResponse
- type TokenSecureFormatter
Constants ¶
const (
TOKEN_TYPE = "Bearer"
)
Variables ¶
This section is empty.
Functions ¶
func Authorize ¶
func Authorize(secretKey string, formatter TokenSecureFormatter) gin.HandlerFunc
Authorize is the OAuth 2.0 middleware for Gin-Gonic resource server. Authorize creates a BearerAuthentication middlever and return the Authorize method.
func CheckBasicAuthentication ¶
Check Basic Autrhorization header credentials
func GetBasicAuthentication ¶
GetBasicAuthentication get username and password from Authorization header
func Successful ¶
Types ¶
type AuthorizationCodeVerifier ¶
type AuthorizationCodeVerifier interface { // ValidateCode checks the authorization code and returns the user credential ValidateCode(appid, secret, code, redirectURI string, req *http.Request) (string, error) }
AuthorizationCodeVerifier defines the interface of the Authorization Code verifier
type BearerAuthentication ¶
type BearerAuthentication struct {
// contains filtered or unexported fields
}
BearerAuthentication middleware for Gin-Gonic
func NewBearerAuthentication ¶
func NewBearerAuthentication(secretKey string, formatter TokenSecureFormatter) *BearerAuthentication
NewBearerAuthentication create a BearerAuthentication middleware
func (*BearerAuthentication) Authorize ¶
func (ba *BearerAuthentication) Authorize(ctx *gin.Context)
Authorize verifies the bearer token authorizing or not the request. Token is retreived from the Authorization HTTP header that respects the format Authorization: Bearer {access_token}
type CredentialsVerifier ¶
type CredentialsVerifier interface { // Validate username and password returning an error if the user credentials are wrong ValidateUser(username, password, scope string, req *http.Request) error // Validate appid and secret returning an error if the client credentials are wrong ValidateClient(appid, secret, scope string, req *http.Request) error // Provide additional claims to the token AddClaims(credential, tokenID, tokenType, scope string) (map[string]string, error) // Optionally store the tokenID generated for the user StoreTokenId(credential, tokenID, refreshTokenID, tokenType string) error // Optionally validate previously stored tokenID during refresh request ValidateTokenId(credential, tokenID, refreshTokenID, tokenType string) error // Response_type=code Verify whether the code obtained is legal ValidateResponseCode(appid, redirectURI, state, scope string) (int, interface{}) }
CredentialsVerifier defines the interface of the user and client credentials verifier.
type OAuthBearerServer ¶
OAuthBearerServer is the OAuth 2 Bearer Server implementation.
func NewOAuthBearerServer ¶
func NewOAuthBearerServer(secretKey string, ttl time.Duration, verifier CredentialsVerifier, formatter TokenSecureFormatter) *OAuthBearerServer
NewOAuthBearerServer creates new OAuth 2 Bearer Server
func (*OAuthBearerServer) AuthAccessToken ¶
func (s *OAuthBearerServer) AuthAccessToken(ctx *gin.Context)
AuthAccessToken get token
func (*OAuthBearerServer) AuthRefreshToken ¶
func (s *OAuthBearerServer) AuthRefreshToken(ctx *gin.Context)
AuthRefreshToken refresh token
func (*OAuthBearerServer) AuthorizationCode ¶
func (s *OAuthBearerServer) AuthorizationCode(ctx *gin.Context)
AuthorizationCode manages authorization code grant type requests for the phase two of the authorization process
func (*OAuthBearerServer) Authorize ¶
func (s *OAuthBearerServer) Authorize(ctx *gin.Context)
AuthAccessToken get token
func (*OAuthBearerServer) ClientCredentials ¶
func (s *OAuthBearerServer) ClientCredentials(ctx *gin.Context)
ClientCredentials manages client credentials grant type requests
func (*OAuthBearerServer) UserCredentials ¶
func (s *OAuthBearerServer) UserCredentials(ctx *gin.Context)
UserCredentials manages password grant type requests
type RC4TokenSecureFormatter ¶
type RC4TokenSecureFormatter struct {
// contains filtered or unexported fields
}
func NewRC4TokenSecurityProvider ¶
func NewRC4TokenSecurityProvider(key []byte) *RC4TokenSecureFormatter
func (*RC4TokenSecureFormatter) CryptToken ¶
func (sc *RC4TokenSecureFormatter) CryptToken(source []byte) ([]byte, error)
func (*RC4TokenSecureFormatter) DecryptToken ¶
func (sc *RC4TokenSecureFormatter) DecryptToken(source []byte) ([]byte, error)
type RefreshToken ¶
type RefreshToken struct { CreationDate time.Time `json:"date"` TokenId string `json:"id_token"` RefreshTokenId string `json:"id_refresh_token"` Credential string `json:"credential"` TokenType string `json:"type"` // "U" for user, "C" for client Scope string `json:"scope"` }
RefreshToken structure included in the authorization server response
type SHA256RC4TokenSecureFormatter ¶
type SHA256RC4TokenSecureFormatter struct {
// contains filtered or unexported fields
}
func NewSHA256RC4TokenSecurityProvider ¶
func NewSHA256RC4TokenSecurityProvider(key []byte) *SHA256RC4TokenSecureFormatter
func (*SHA256RC4TokenSecureFormatter) CryptToken ¶
func (sc *SHA256RC4TokenSecureFormatter) CryptToken(source []byte) ([]byte, error)
func (*SHA256RC4TokenSecureFormatter) DecryptToken ¶
func (sc *SHA256RC4TokenSecureFormatter) DecryptToken(source []byte) ([]byte, error)
type Token ¶
type Token struct { Id string `json:"id_token"` CreationDate time.Time `json:"date"` ExperesIn time.Duration `json:"expires_in"` // secs Credential string `json:"credential"` Scope string `json:"scope"` Claims map[string]string `json:"claims"` TokenType string `json:"type"` // "U" for user, "C" for client }
Token structure generated by the authorization server
type TokenProvider ¶
type TokenProvider struct {
// contains filtered or unexported fields
}
func NewTokenProvider ¶
func NewTokenProvider(formatter TokenSecureFormatter) *TokenProvider
func (*TokenProvider) CryptRefreshToken ¶
func (tp *TokenProvider) CryptRefreshToken(t *RefreshToken) (token string, err error)
func (*TokenProvider) CryptToken ¶
func (tp *TokenProvider) CryptToken(t *Token) (token string, err error)
func (*TokenProvider) DecryptRefreshTokens ¶
func (tp *TokenProvider) DecryptRefreshTokens(refreshToken string) (refresh *RefreshToken, err error)
func (*TokenProvider) DecryptToken ¶
func (tp *TokenProvider) DecryptToken(token string) (t *Token, err error)