The highest tagged major version is
README
¶
OAuth 2.0
An open protocol to allow secure authorization in a simple and standard method from web, mobile and desktop applications.
Protocol Flow
+--------+ +---------------+
| |--(A)- Authorization Request ->| Resource |
| | | Owner |
| |<-(B)-- Authorization Grant ---| |
| | +---------------+
| |
| | +---------------+
| |--(C)-- Authorization Grant -->| Authorization |
| Client | | Server |
| |<-(D)----- Access Token -------| |
| | +---------------+
| |
| | +---------------+
| |--(E)----- Access Token ------>| Resource |
| | | Server |
| |<-(F)--- Protected Resource ---| |
+--------+ +---------------+
Quick Start
Download and install
$ go get -u -v gopkg.in/oauth2.v3
Create file server.go
package main
import (
"net/http"
"gopkg.in/oauth2.v3/manage"
"gopkg.in/oauth2.v3/server"
"gopkg.in/oauth2.v3/store"
)
func main() {
manager := manage.NewDefaultManager()
// token memory store
manager.MustTokenStorage(store.NewMemoryTokenStore())
// client test store
manager.MapClientStorage(store.NewTestClientStore())
srv := server.NewServer(server.NewConfig(), manager)
srv.SetUserAuthorizationHandler(func(w http.ResponseWriter, r *http.Request) (userID string, err error) {
// validation and to get the user id
userID = "000000"
return
})
http.HandleFunc("/authorize", func(w http.ResponseWriter, r *http.Request) {
err := srv.HandleAuthorizeRequest(w, r)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
}
})
http.HandleFunc("/token", func(w http.ResponseWriter, r *http.Request) {
err := srv.HandleTokenRequest(w, r)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
}
})
http.ListenAndServe(":9096", nil)
}
Build and run
$ go build server.go
$ ./server
Open in your web browser
http://localhost:9096/authorize?response_type=code&client_id=1&redirect_uri=http%253A%252F%252Flocalhost&scope=all&state=xyz
Features
- Easy to use
- Based on the RFC 6749 implementation
- Token storage support TTL
- Support custom extension field
- Support custom scope
- Support custom expiration time of the access token
Example
A complete example of simulation authorization code model
Simulation examples of authorization code model, please check example
Storage implements
License
Copyright (c) 2016, OAuth 2.0
All rights reserved.
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccessGenerate ¶
type AccessGenerate interface {
Token(data *GenerateBasic, isGenRefresh bool) (access, refresh string, err error)
}
AccessGenerate Generate the access and refresh tokens interface
type AuthorizeGenerate ¶
type AuthorizeGenerate interface {
Token(data *GenerateBasic) (code string, err error)
}
AuthorizeGenerate Generate the authorization code interface
type ClientInfo ¶
type ClientInfo interface {
// The client id
GetID() string
// The client secret
GetSecret() string
// The client domain
GetDomain() string
// The extension data related to the client
GetExtraData() interface{}
}
ClientInfo The client information model interface
type ClientStore ¶
type ClientStore interface {
// GetByID According to the ID for the client information
GetByID(id string) (ClientInfo, error)
}
ClientStore The client information storage interface
type GenerateBasic ¶
type GenerateBasic struct {
Client ClientInfo // The client information
UserID string // The user id
CreateAt time.Time // Creation time
}
GenerateBasic Provide the basis of the generated token data
type GrantType ¶
type GrantType string
GrantType Authorization Grant
const ( // AuthorizationCode Authorization Code AuthorizationCode GrantType = "authorization_code" // PasswordCredentials Resource Owner Password Credentials PasswordCredentials GrantType = "password" // ClientCredentials Client Credentials ClientCredentials GrantType = "clientcredentials" // Refreshing Refresh Token Refreshing GrantType = "refreshtoken" // Implicit Implicit Grant Implicit GrantType = "__implicit" )
type Manager ¶
type Manager interface {
// Check the interface implementation
CheckInterface() (err error)
// Get the client information
GetClient(clientID string) (cli ClientInfo, err error)
// Generate the authorization token(code)
GenerateAuthToken(rt ResponseType, tgr *TokenGenerateRequest) (authToken TokenInfo, err error)
// Generate the access token
GenerateAccessToken(rt GrantType, tgr *TokenGenerateRequest) (accessToken TokenInfo, err error)
// Refreshing an access token
RefreshAccessToken(tgr *TokenGenerateRequest) (accessToken TokenInfo, err error)
// Use the access token to delete the token information
RemoveAccessToken(access string) (err error)
// Use the refresh token to delete the token information
RemoveRefreshToken(refresh string) (err error)
// According to the access token for corresponding token information
LoadAccessToken(access string) (ti TokenInfo, err error)
// According to the refresh token for corresponding token information
LoadRefreshToken(refresh string) (ti TokenInfo, err error)
}
Manager Authorization management interface
type ResponseType ¶
type ResponseType string
ResponseType Response Type
const ( // Code Authorization code type Code ResponseType = "code" // Token Token type Token ResponseType = "token" )
func (ResponseType) String ¶
func (rt ResponseType) String() string
type TokenGenerateRequest ¶
type TokenGenerateRequest struct {
ClientID string // The client information
ClientSecret string // The client secret
UserID string // The user id
RedirectURI string // Redirect URI
Scope string // Scope of authorization
Code string // Authorization code
Refresh string // Refreshing token
AccessTokenExp time.Duration // Access token expiration time (in seconds)
}
TokenGenerateRequest Provide to generate the token request parameters
type TokenInfo ¶
type TokenInfo interface {
// Get client id
GetClientID() string
// Set client id
SetClientID(string)
// Get user id
GetUserID() string
// Set user id
SetUserID(string)
// Get Redirect URI
GetRedirectURI() string
// Set Redirect URI
SetRedirectURI(string)
// Get Scope of authorization
GetScope() string
// Set Scope of authorization
SetScope(string)
// Get Authorization code
GetCode() string
// Set Authorization code
SetCode(string)
// Get Create Time
GetCodeCreateAt() time.Time
// Set Create Time
SetCodeCreateAt(time.Time)
// Get The lifetime in seconds of the authorization code
GetCodeExpiresIn() time.Duration
// Set The lifetime in seconds of the authorization code
SetCodeExpiresIn(time.Duration)
// Get Access Token
GetAccess() string
// Set Access Token
SetAccess(string)
// Get Create Time
GetAccessCreateAt() time.Time
// Set Create Time
SetAccessCreateAt(time.Time)
// Get The lifetime in seconds of the access token
GetAccessExpiresIn() time.Duration
// Set The lifetime in seconds of the access token
SetAccessExpiresIn(time.Duration)
// Get Refresh Token
GetRefresh() string
// Set Refresh Token
SetRefresh(string)
// Get Create Time
GetRefreshCreateAt() time.Time
// Set Create Time
SetRefreshCreateAt(time.Time)
// Get The lifetime in seconds of the access token
GetRefreshExpiresIn() time.Duration
// Set The lifetime in seconds of the access token
SetRefreshExpiresIn(time.Duration)
}
TokenInfo The token information model interface
type TokenStore ¶
type TokenStore interface {
// Create Create and store the new token information
Create(info TokenInfo) error
// RemoveByCode Delete the authorization code
RemoveByCode(code string) error
// RemoveByAccess Use the access token to delete the token information
RemoveByAccess(access string) error
// RemoveByRefresh Use the refresh token to delete the token information
RemoveByRefresh(refresh string) error
// GetByCode Use the authorization code for token information data
GetByCode(code string) (TokenInfo, error)
// GetByAccess Use the access token for token information data
GetByAccess(access string) (TokenInfo, error)
// GetByRefresh Use the refresh token for token information data
GetByRefresh(refresh string) (TokenInfo, error)
}
TokenStore The token information storage interface
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.