Documentation ¶
Index ¶
- Constants
- func ValidateUri(baseUri string, redirectUri string) error
- type AccessData
- type AccessRequest
- type AccessRequestType
- type AccessTokenGen
- type AccessTokenGenDefault
- type AllowedAccessType
- type AllowedAuthorizeType
- type AuthorizeData
- type AuthorizeRequest
- type AuthorizeRequestType
- type AuthorizeTokenGen
- type AuthorizeTokenGenDefault
- type BasicAuth
- type Client
- type DefaultErrorId
- type DefaultErrors
- type InfoRequest
- type Response
- func (r *Response) GetRedirectUrl() (string, error)
- func (r *Response) SetError(id string, description string)
- func (r *Response) SetErrorState(id string, description string, state string)
- func (r *Response) SetErrorUri(id string, description string, uri string, state string)
- func (r *Response) SetRedirect(url string)
- func (r *Response) SetRedirectFragment(f bool)
- type ResponseData
- type ResponseOutput
- type ResponseOutputJSON
- type ResponseType
- type Server
- func (s *Server) FinishAccessRequest(w *Response, r *http.Request, ar *AccessRequest)
- func (s *Server) FinishAuthorizeRequest(w *Response, r *http.Request, ar *AuthorizeRequest)
- func (s *Server) FinishInfoRequest(w *Response, r *http.Request, ir *InfoRequest)
- func (s *Server) HandleAccessRequest(w *Response, r *http.Request) *AccessRequest
- func (s *Server) HandleAuthorizeRequest(w *Response, r *http.Request) *AuthorizeRequest
- func (s *Server) HandleInfoRequest(w *Response, r *http.Request) *InfoRequest
- func (s *Server) NewResponse() *Response
- type ServerConfig
- type Storage
Constants ¶
// Access request types. Apart from IMPLICIT, the values are the OAuth2
// grant_type strings.
//
// Only AUTHORIZATION_CODE carries the explicit AccessRequestType type. The
// other names are declared with their own "= value", so they are untyped
// string constants that convert implicitly wherever an AccessRequestType is
// expected.
const (
	AUTHORIZATION_CODE AccessRequestType = "authorization_code"
	REFRESH_TOKEN = "refresh_token"
	// NOTE(review): with this type the client handles the resource owner's
	// credentials (see Username/Password on AccessRequest). ServerConfig
	// documents that only AUTHORIZATION_CODE is allowed by default.
	PASSWORD = "password"
	CLIENT_CREDENTIALS = "client_credentials"
	// NOTE(review): "__implicit" is not an RFC grant_type value; presumably an
	// internal marker for tokens issued through the TOKEN authorize type —
	// confirm against the implementation.
	IMPLICIT = "__implicit"
)
// Error identifiers. The values match the error codes of RFC 6749
// (sections 4.1.2.1 and 5.2).
//
// Only E_INVALID_REQUEST is declared with the explicit string type; the
// others are untyped string constants.
const (
	E_INVALID_REQUEST string = "invalid_request"
	E_UNAUTHORIZED_CLIENT = "unauthorized_client"
	E_ACCESS_DENIED = "access_denied"
	E_UNSUPPORTED_RESPONSE_TYPE = "unsupported_response_type"
	E_INVALID_SCOPE = "invalid_scope"
	E_SERVER_ERROR = "server_error"
	E_TEMPORARILY_UNAVAILABLE = "temporarily_unavailable"
	E_UNSUPPORTED_GRANT_TYPE = "unsupported_grant_type"
	E_INVALID_GRANT = "invalid_grant"
	E_INVALID_CLIENT = "invalid_client"
)
Variables ¶
This section is empty.
Functions ¶
func ValidateUri ¶
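Validates that redirectUri is contained in baseUri. This page does not state the matching rule (for example, exact match versus prefix match), so check the implementation before relying on it as the only redirect URI check.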
Types ¶
type AccessData ¶
// AccessData describes an issued access token and the context it was issued in.
//
// NOTE(review): AccessToken and RefreshToken are bearer credentials held here
// as plain strings. How they are protected at rest is left to the Storage
// implementation.
type AccessData struct {
	// Client information.
	Client *Client

	// Authorize data, for the authorization code type.
	AuthorizeData *AuthorizeData

	// Previous access data, for the refresh token type.
	AccessData *AccessData

	// Access token.
	AccessToken string

	// Refresh token. Can be blank.
	RefreshToken string

	// Token expiration in seconds.
	ExpiresIn int32

	// Requested scope.
	Scope string

	// Redirect URI from the request.
	RedirectUri string

	// Date created.
	CreatedAt time.Time

	// Data to be passed to storage. Not used by the library.
	UserData interface{}
}
Access data
type AccessRequest ¶
// AccessRequest holds the information of an access token request. It is
// returned by Server.HandleAccessRequest and passed to
// Server.FinishAccessRequest.
type AccessRequest struct {
	Type AccessRequestType
	Code string
	Client *Client
	AuthorizeData *AuthorizeData
	AccessData *AccessData
	RedirectUri string
	Scope string

	// Presumably the resource owner's credentials for the PASSWORD type —
	// confirm against the implementation. Password is held as a plain string,
	// so avoid logging or serializing this struct as a whole.
	Username string
	Password string

	// Set if request is authorized.
	// NOTE(review): the zero value is false; presumably the application sets
	// this before calling FinishAccessRequest — confirm.
	Authorized bool

	// Token expiration in seconds. Change if different from default.
	Expiration int32

	// Set if a refresh token should be generated.
	GenerateRefresh bool

	// Data to be passed to storage. Not used by the library.
	UserData interface{}
}
Access request information
type AccessRequestType ¶
// AccessRequestType is the string type of the access request constants
// (AUTHORIZATION_CODE, REFRESH_TOKEN, ...).
type AccessRequestType string
type AccessTokenGen ¶
// AccessTokenGen is the access token generator interface.
type AccessTokenGen interface {
	// GenerateAccessToken returns an access token and a refresh token for
	// data, or an error. generaterefresh presumably selects whether a refresh
	// token is produced (AccessData documents that it can be blank) — confirm.
	//
	// NOTE(review): tokens are bearer credentials, so implementations should
	// draw them from a cryptographically secure random source. This page does
	// not show what AccessTokenGenDefault uses.
	GenerateAccessToken(data *AccessData, generaterefresh bool) (accesstoken string, refreshtoken string, err error)
}
Access token generator interface
type AccessTokenGenDefault ¶
// AccessTokenGenDefault is the default access token generator. It has no
// fields; its GenerateAccessToken method has the signature required by
// AccessTokenGen.
type AccessTokenGenDefault struct{}
Default access token generator
func (*AccessTokenGenDefault) GenerateAccessToken ¶
func (a *AccessTokenGenDefault) GenerateAccessToken(data *AccessData, generaterefresh bool) (accesstoken string, refreshtoken string, err error)
type AllowedAccessType ¶
// AllowedAccessType is a list of access request types. Its Exists method
// checks whether a given type is in the list.
type AllowedAccessType []AccessRequestType
func (AllowedAccessType) Exists ¶
func (t AllowedAccessType) Exists(rt AccessRequestType) bool
Checks if the type exists in the list
type AllowedAuthorizeType ¶
// AllowedAuthorizeType is a list of authorize request types. Its Exists
// method checks whether a given type is in the list.
type AllowedAuthorizeType []AuthorizeRequestType
Helper type holding the list of allowed authorize request types
func (AllowedAuthorizeType) Exists ¶
func (t AllowedAuthorizeType) Exists(rt AuthorizeRequestType) bool
Checks if the type exists in the list
type AuthorizeData ¶
// AuthorizeData describes an issued authorization code and the request it
// was issued for.
type AuthorizeData struct {
	// Client information.
	Client *Client

	// Authorization code.
	Code string

	// Token expiration in seconds.
	ExpiresIn int32

	// Requested scope.
	Scope string

	// Redirect URI from the request.
	RedirectUri string

	// State data from the request. In OAuth2 this is the client's opaque
	// value, commonly used for CSRF protection.
	State string

	// Date created.
	CreatedAt time.Time

	// Data to be passed to storage. Not used by the library.
	UserData interface{}
}
Authorization data
func (*AuthorizeData) ExpireAt ¶
func (d *AuthorizeData) ExpireAt() time.Time
Returns the expiration date
func (*AuthorizeData) IsExpired ¶
func (d *AuthorizeData) IsExpired() bool
Returns true if authorization expired
type AuthorizeRequest ¶
// AuthorizeRequest holds the information of an authorize request. It is
// returned by Server.HandleAuthorizeRequest and passed to
// Server.FinishAuthorizeRequest.
type AuthorizeRequest struct {
	Type AuthorizeRequestType
	Client *Client
	Scope string
	RedirectUri string
	State string

	// Set if request is authorized.
	// NOTE(review): the zero value is false; presumably the application sets
	// this after authenticating the user and before calling
	// FinishAuthorizeRequest — confirm.
	Authorized bool

	// Token expiration in seconds. Change if different from default.
	// If type = TOKEN, this expiration will be for the ACCESS token.
	Expiration int32

	// Data to be passed to storage. Not used by the library.
	UserData interface{}
}
Authorize request information
type AuthorizeRequestType ¶
// AuthorizeRequestType is the string type of the authorize request constants.
type AuthorizeRequestType string

// Authorize request types; the values are the OAuth2 response_type strings.
// CODE carries the explicit AuthorizeRequestType type; TOKEN is an untyped
// string constant.
const (
	CODE AuthorizeRequestType = "code"
	// NOTE(review): per the AuthorizeRequest documentation, TOKEN makes the
	// request's expiration apply to the access token. ServerConfig documents
	// that only CODE is allowed by default.
	TOKEN = "token"
)
type AuthorizeTokenGen ¶
// AuthorizeTokenGen is the authorization token generator interface.
type AuthorizeTokenGen interface {
	// GenerateAuthorizeToken returns a token string for data, or an error.
	//
	// NOTE(review): implementations should draw the value from a
	// cryptographically secure random source. This page does not show what
	// AuthorizeTokenGenDefault uses.
	GenerateAuthorizeToken(data *AuthorizeData) (string, error)
}
Authorization token generator interface
type AuthorizeTokenGenDefault ¶
// AuthorizeTokenGenDefault is the default authorization token generator. It
// has no fields; its GenerateAuthorizeToken method has the signature required
// by AuthorizeTokenGen.
type AuthorizeTokenGenDefault struct{}
Default authorization token generator
func (*AuthorizeTokenGenDefault) GenerateAuthorizeToken ¶
func (a *AuthorizeTokenGenDefault) GenerateAuthorizeToken(data *AuthorizeData) (ret string, err error)
type BasicAuth ¶
Parse basic authentication header
func CheckBasicAuth ¶
Return authorization header data
type Client ¶
// Client holds the information of a registered OAuth2 client.
type Client struct {
	// Client id.
	Id string

	// Client secret.
	// NOTE(review): held as a plain string; how it is stored and compared is
	// not shown on this page.
	Secret string

	// Base client URI.
	// NOTE(review): presumably the baseUri that ValidateUri checks a request's
	// redirect URI against — confirm.
	RedirectUri string

	// Data to be passed to storage. Not used by the library.
	UserData interface{}
}
Client information
type DefaultErrorId ¶
// DefaultErrorId is a string type for error identifiers.
// NOTE(review): the E_* constants on this page are declared as string or
// untyped string, not as DefaultErrorId, and DefaultErrors.Get takes a plain
// string — confirm where this type is used.
type DefaultErrorId string
type DefaultErrors ¶
// DefaultErrors holds the default errors and messages. Its fields are
// unexported; Get takes an error id and returns a string.
type DefaultErrors struct {
	// contains filtered or unexported fields
}
Default errors and messages
func NewDefaultErrors ¶
func NewDefaultErrors() *DefaultErrors
func (*DefaultErrors) Get ¶
func (e *DefaultErrors) Get(id string) string
type InfoRequest ¶
// InfoRequest holds the information of an info request. It is returned by
// Server.HandleInfoRequest and passed to Server.FinishInfoRequest.
type InfoRequest struct {
	// Presumably the access token being looked up (Storage.LoadAccess takes a
	// code string) — confirm.
	Code string
	AccessData *AccessData
}
Info request information
type Response ¶
// Response is the server response, either data output or a redirect.
type Response struct {
	// DATA or REDIRECT; SetRedirect switches the response to a redirect.
	Type ResponseType
	StatusCode int
	StatusText string

	// HTTP status code for errors. NewDefaultResponse does not take the
	// server's ErrorStatusCode configuration into account; Server.NewResponse
	// is the documented alternative.
	ErrorStatusCode int

	// Presumably the redirect target set by SetRedirect — confirm.
	URL string
	Output ResponseData
	Headers http.Header
	IsError bool

	// NOTE(review): presumably carries the underlying Go error for the
	// application to log. Whether it is kept out of the client-facing output is
	// not shown on this page — confirm.
	InternalError error

	// If true, redirect values are passed in the fragment instead of as query
	// parameters (see SetRedirectFragment).
	RedirectInFragment bool
}
Server response
func NewDefaultResponse ¶
func NewDefaultResponse() *Response
Creates a new response. NOTE: a response created this way does not take the server's ErrorStatusCode configuration into account; use Server.NewResponse() instead.
func (*Response) GetRedirectUrl ¶
Returns the redirect url with parameters
func (*Response) SetErrorState ¶
Set error with state
func (*Response) SetErrorUri ¶
Set error with uri
func (*Response) SetRedirect ¶
Set response to be redirect instead of data output
func (*Response) SetRedirectFragment ¶
If true, redirect values are passed in fragment instead of as query parameters
type ResponseOutput ¶
Interface for response output
type ResponseOutputJSON ¶
// ResponseOutputJSON outputs the response in JSON. It has no fields; its
// Output method takes the Response, an http.ResponseWriter and the request.
type ResponseOutputJSON struct{}
Output the response in JSON
func NewResponseOutputJSON ¶
func NewResponseOutputJSON() *ResponseOutputJSON
func (*ResponseOutputJSON) Output ¶
func (o *ResponseOutputJSON) Output(rs *Response, w http.ResponseWriter, r *http.Request) error
type ResponseType ¶
// ResponseType is the response type enum (DATA or REDIRECT).
type ResponseType int
Response type enum
// Response types. REDIRECT repeats the previous declaration implicitly, so
// both constants are of type ResponseType: DATA is 0 and REDIRECT is 1.
const (
	DATA ResponseType = iota
	REDIRECT
)
type Server ¶
// Server is the OAuth2 server. NewServer takes the config and storage; how
// the two token generators are initialised is not shown on this page.
type Server struct {
	Config *ServerConfig
	Storage Storage

	// Generators for authorization tokens and access tokens. Both are
	// exported fields of interface type, so an application can assign its own
	// implementations.
	AuthorizeTokenGen AuthorizeTokenGen
	AccessTokenGen AccessTokenGen
}
OAuth2 server class
func NewServer ¶
func NewServer(config *ServerConfig, storage Storage) *Server
Creates a new server instance
func (*Server) FinishAccessRequest ¶
func (s *Server) FinishAccessRequest(w *Response, r *http.Request, ar *AccessRequest)
func (*Server) FinishAuthorizeRequest ¶
func (s *Server) FinishAuthorizeRequest(w *Response, r *http.Request, ar *AuthorizeRequest)
func (*Server) FinishInfoRequest ¶
func (s *Server) FinishInfoRequest(w *Response, r *http.Request, ir *InfoRequest)
func (*Server) HandleAccessRequest ¶
func (s *Server) HandleAccessRequest(w *Response, r *http.Request) *AccessRequest
Access token request
func (*Server) HandleAuthorizeRequest ¶
func (s *Server) HandleAuthorizeRequest(w *Response, r *http.Request) *AuthorizeRequest
Authorize request
func (*Server) HandleInfoRequest ¶
func (s *Server) HandleInfoRequest(w *Response, r *http.Request) *InfoRequest
Information request. NOT an RFC specification.
func (*Server) NewResponse ¶
Creates a new response for the server
type ServerConfig ¶
// ServerConfig is the server configuration. The defaults named below are the
// documented ones; presumably NewServerConfig applies them — confirm.
type ServerConfig struct {
	// Authorization token expiration in seconds (default 5 minutes).
	AuthorizationExpiration int32

	// Access token expiration in seconds (default 1 hour).
	AccessExpiration int32

	// Token type to return.
	TokenType string

	// List of allowed authorize types (only CODE by default).
	// Adding TOKEN makes the authorize endpoint issue access tokens directly
	// (see the Expiration comment on AuthorizeRequest).
	AllowedAuthorizeTypes AllowedAuthorizeType

	// List of allowed access types (only AUTHORIZATION_CODE by default).
	AllowedAccessTypes AllowedAccessType

	// HTTP status code to return for errors - default 200.
	// Only used if response was created from server.
	// NOTE(review): RFC 6749 section 5.2 specifies 400 (or 401 for
	// invalid_client) for token endpoint errors. With the default of 200,
	// clients have to inspect the response body to detect an error.
	ErrorStatusCode int

	// If true allows client secret also in params, else only in
	// Authorization header - default false.
	// NOTE(review): keep false unless a client cannot send the Authorization
	// header. Together with AllowGetAccessRequest the secret could travel in
	// the URL, where it is commonly recorded in access logs.
	AllowClientSecretInParams bool

	// If true allows access request using GET, else only POST - default false.
	// NOTE(review): RFC 6749 section 3.2 requires POST for access token
	// requests.
	AllowGetAccessRequest bool
}
Server configuration
func NewServerConfig ¶
func NewServerConfig() *ServerConfig
type Storage ¶
// Storage is the persistence interface the server uses for clients,
// authorization data, access data and refresh tokens.
//
// NOTE(review): the codes and tokens passed through this interface are bearer
// credentials; protecting them at rest is the implementation's job.
type Storage interface {
	// Load client.
	GetClient(id string) (*Client, error)

	// Save authorize data.
	SaveAuthorize(*AuthorizeData) error

	// Load authorize data. Client information MUST be loaded together.
	// Optionally can return error if expired.
	LoadAuthorize(code string) (*AuthorizeData, error)

	// Remove authorize data.
	// NOTE(review): authorization codes are single-use under RFC 6749 section
	// 4.1.2; presumably the server calls this once a code has been exchanged —
	// confirm against the implementation.
	RemoveAuthorize(code string) error

	// Save access data. If RefreshToken is not blank, must save in a way
	// that can be loaded using LoadRefresh.
	SaveAccess(*AccessData) error

	// Load access data. Client information MUST be loaded together.
	// AuthorizeData and AccessData DON'T NEED to be loaded if not easily available.
	// Optionally can return error if expired.
	LoadAccess(code string) (*AccessData, error)

	// Remove access data.
	RemoveAccess(code string) error

	// Load refresh access data. Client information MUST be loaded together.
	// AuthorizeData and AccessData DON'T NEED to be loaded if not easily available.
	// Optionally can return error if expired.
	LoadRefresh(code string) (*AccessData, error)

	// Remove refresh data.
	RemoveRefresh(code string) error
}
Storage interface