oauth2

package module
v3.5.1+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 8, 2016 License: MIT Imports: 1 Imported by: 0

README

Golang OAuth 2.0

An open protocol to allow secure authorization in a simple and standard method from web, mobile and desktop applications.

License ReportCard Build Coverage GoDoc Release

Protocol Flow

     +--------+                               +---------------+
     |        |--(A)- Authorization Request ->|   Resource    |
     |        |                               |     Owner     |
     |        |<-(B)-- Authorization Grant ---|               |
     |        |                               +---------------+
     |        |
     |        |                               +---------------+
     |        |--(C)-- Authorization Grant -->| Authorization |
     | Client |                               |     Server    |
     |        |<-(D)----- Access Token -------|               |
     |        |                               +---------------+
     |        |
     |        |                               +---------------+
     |        |--(E)----- Access Token ------>|    Resource   |
     |        |                               |     Server    |
     |        |<-(F)--- Protected Resource ---|               |
     +--------+                               +---------------+

Quick Start

Download and install
$ go get -u gopkg.in/oauth2.v3/...
Create file server.go
package main

import (
	"log"
	"net/http"

	"gopkg.in/oauth2.v3/manage"
	"gopkg.in/oauth2.v3/server"
	"gopkg.in/oauth2.v3/store"
)

func main() {
	manager := manage.NewDefaultManager()
	// token memory store
	manager.MustTokenStorage(store.NewMemoryTokenStore())
	// client test store
	manager.MapClientStorage(store.NewTestClientStore())

	srv := server.NewDefaultServer(manager)
	srv.SetAllowGetAccessRequest(true)
	srv.SetClientInfoHandler(server.ClientFormHandler)

	srv.SetInternalErrorHandler(func(err error) {
		log.Println("OAuth2 Error:", err.Error())
	})

	http.HandleFunc("/authorize", func(w http.ResponseWriter, r *http.Request) {
		err := srv.HandleAuthorizeRequest(w, r)
		if err != nil {
			http.Error(w, err.Error(), http.StatusBadRequest)
		}
	})

	http.HandleFunc("/token", func(w http.ResponseWriter, r *http.Request) {
		srv.HandleTokenRequest(w, r)
	})

	http.ListenAndServe(":9096", nil)
}

Build and run
$ go build server.go
$ ./server
Open in your web browser
http://localhost:9096/token?grant_type=client_credentials&client_id=1&client_secret=11&scope=read
{
    "access_token": "ACPT7UYYNVWS2OAPFOHVUW",
    "expires_in": 7200,
    "scope": "read",
    "token_type": "Bearer"
}

Features

  • Easy to use
  • Based on the RFC 6749 implementation
  • Token storage support TTL
  • Support custom extension field
  • Support custom scope
  • Support custom expiration time of the access token

Example

A complete example of simulation authorization code model

Simulation examples of authorization code model, please check example

Storage Implements

MIT License

Copyright (c) 2016 Lyric

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessGenerate

type AccessGenerate interface {
	Token(data *GenerateBasic, isGenRefresh bool) (access, refresh string, err error)
}

AccessGenerate generate the access and refresh tokens interface

type AuthorizeGenerate

type AuthorizeGenerate interface {
	Token(data *GenerateBasic) (code string, err error)
}

AuthorizeGenerate generate the authorization code interface

type ClientInfo

type ClientInfo interface {
	GetID() string
	GetSecret() string
	GetDomain() string
	GetUserID() string
}

ClientInfo the client information model interface

type ClientStore

type ClientStore interface {
	// according to the ID for the client information
	GetByID(id string) (ClientInfo, error)
}

ClientStore the client information storage interface

type GenerateBasic

type GenerateBasic struct {
	Client   ClientInfo
	UserID   string
	CreateAt time.Time
}

GenerateBasic provide the basis of the generated token data

type GrantType

type GrantType string

GrantType authorization model

const (
	AuthorizationCode   GrantType = "authorization_code"
	PasswordCredentials GrantType = "password"
	ClientCredentials   GrantType = "client_credentials"
	Refreshing          GrantType = "refresh_token"
	Implicit            GrantType = "__implicit"
)

define authorization model

func (GrantType) String

func (gt GrantType) String() string

type Manager

type Manager interface {
	// check the interface implementation
	CheckInterface() (err error)

	// get the client information
	GetClient(clientID string) (cli ClientInfo, err error)

	// generate the authorization token(code)
	GenerateAuthToken(rt ResponseType, tgr *TokenGenerateRequest) (authToken TokenInfo, err error)

	// generate the access token
	GenerateAccessToken(rt GrantType, tgr *TokenGenerateRequest) (accessToken TokenInfo, err error)

	// refreshing an access token
	RefreshAccessToken(tgr *TokenGenerateRequest) (accessToken TokenInfo, err error)

	// use the access token to delete the token information
	RemoveAccessToken(access string) (err error)

	// use the refresh token to delete the token information
	RemoveRefreshToken(refresh string) (err error)

	// according to the access token for corresponding token information
	LoadAccessToken(access string) (ti TokenInfo, err error)

	// according to the refresh token for corresponding token information
	LoadRefreshToken(refresh string) (ti TokenInfo, err error)
}

Manager authorization management interface

type ResponseType

type ResponseType string

ResponseType the type of authorization request

const (
	Code  ResponseType = "code"
	Token ResponseType = "token"
)

define the type of authorization request

func (ResponseType) String

func (rt ResponseType) String() string

type TokenGenerateRequest

type TokenGenerateRequest struct {
	ClientID       string
	ClientSecret   string
	UserID         string
	RedirectURI    string
	Scope          string
	Code           string
	Refresh        string
	AccessTokenExp time.Duration
}

TokenGenerateRequest provide to generate the token request parameters

type TokenInfo

type TokenInfo interface {
	New() TokenInfo

	GetClientID() string
	SetClientID(string)
	GetUserID() string
	SetUserID(string)
	GetRedirectURI() string
	SetRedirectURI(string)
	GetScope() string
	SetScope(string)

	GetCode() string
	SetCode(string)
	GetCodeCreateAt() time.Time
	SetCodeCreateAt(time.Time)
	GetCodeExpiresIn() time.Duration
	SetCodeExpiresIn(time.Duration)

	GetAccess() string
	SetAccess(string)
	GetAccessCreateAt() time.Time
	SetAccessCreateAt(time.Time)
	GetAccessExpiresIn() time.Duration
	SetAccessExpiresIn(time.Duration)

	GetRefresh() string
	SetRefresh(string)
	GetRefreshCreateAt() time.Time
	SetRefreshCreateAt(time.Time)
	GetRefreshExpiresIn() time.Duration
	SetRefreshExpiresIn(time.Duration)
}

TokenInfo the token information model interface

type TokenStore

type TokenStore interface {
	// create and store the new token information
	Create(info TokenInfo) error

	// delete the authorization code
	RemoveByCode(code string) error

	// use the access token to delete the token information
	RemoveByAccess(access string) error

	// use the refresh token to delete the token information
	RemoveByRefresh(refresh string) error

	// use the authorization code for token information data
	GetByCode(code string) (TokenInfo, error)

	// use the access token for token information data
	GetByAccess(access string) (TokenInfo, error)

	// use the refresh token for token information data
	GetByRefresh(refresh string) (TokenInfo, error)
}

TokenStore the token information storage interface

Directories

Path Synopsis
example

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL