OSIN Example
The purpose of this repository is to provide Golang example code of an identity provider using oAuth 2.0 to grant access to users and third-party developers. This code uses the openshift/osin
Golang oAuth 2.0 library.
Setup
-
Clone the project.
-
Install the dependencies
go get ./...
-
Please create a default client which you can use to a frontend.
go run main.go add_client --client_id=frontend \
--client_secret=pleasechangethisnow \
--redirect_uri=http://127.0.0.1:8002/appauth/code
-
Setup the database.
-
Run the following environment variables in your terminal:
export OSIN_DB_HOST=localhost
export OSIN_DB_PORT=5432
export OSIN_DB_USER=golang
export OSIN_DB_PASSWORD=123password
export OSIN_DB_NAME=osinexample_db
export OSIN_APP_ADDRESS=http://127.0.0.1:8000
export OSIN_APP_SECRET_KEY=pass-secret-1234566-please-change-me
export OSIN_APP_FRONTEND_CLIENT_ID=frontend
export OSIN_APP_FRONTEND_CLIENT_SECRET=pleasechangethisnow
export OSIN_APP_FRONTEND_RETURN_URL=http://127.0.0.1:8001/appauth/code
-
Run the server.
go run main.go serve
-
You are ready to use your server.
Documentation
Unprotected Resources
User Registration
Register an identity with our system.
go run main.go register -b=Bart -c=Mika -d=demo@demo.com -e=123password -f=en
User Login
Simple login, run and then copy+paste the result export to the terminal
go run main.go login --email=demo@demo.com --password=123password
User Token Refresh
Get new refresh API
go run main.go refresh_token --refresh_token=xxx --grant_type=refresh_token
oAuth 2.0
Password Grant
Here is how you do password based grant
go run main.go osin_password --email=demo@demo.com \
--password=123password \
--client_id=frontend \
--client_secret=pleasechangethisnow \
--redirect_uri=http://127.0.0.1:8001/appauth/code \
--authorize_uri=http://localhost:8000/authorize \
--token_url=http://localhost:8000/token
Client Credentials Grant
Get our token from the client credentials.
go run main.go osin_client_credential --client_id=frontend \
--client_secret=pleasechangethisnow \
--redirect_uri=http://127.0.0.1:8001/appauth/code \
--authorize_uri=http://localhost:8000/authorize \
--token_url=http://localhost:8000/authorize
Refresh Token
Let's refresh our access token with our refresh token.
go run main.go osin_refresh_token --client_id=frontend \
--client_secret=pleasechangethisnow \
--redirect_uri=http://127.0.0.1:8001/appauth/code \
--authorize_uri=http://localhost:8000/authorize \
--token_url=http://localhost:8000/authorize
Protect Resources
Get Tenant
Check we are able to access our protected resource
go run main.go tenant_retrieve --id=1
License
Made with ❤️ by Bartlomiej Mika.
The project is licensed under the Unlicense.
Third party libraries and resources: