README
¶
hexagon-cloud-oauth2
The golang oauth2 service implementation, compatible with spring cloud oauth2.
Documentation
¶
Index ¶
- Variables
- type AccessGenerate
- type AuthorizeGenerate
- type Client
- type ClientStore
- type DefaultClient
- func (c *DefaultClient) GetAccessTokenExp() time.Duration
- func (c *DefaultClient) GetGrantTypes() []GrantType
- func (c *DefaultClient) GetID() string
- func (c *DefaultClient) GetRedirectUri() string
- func (c *DefaultClient) GetRefreshTokenExp() time.Duration
- func (c *DefaultClient) GetScopes() []string
- func (c *DefaultClient) GetSecret() string
- type DefaultToken
- func (t *DefaultToken) GetAccess() string
- func (t *DefaultToken) GetAccessCreateAt() time.Time
- func (t *DefaultToken) GetAccessExpiresIn() time.Duration
- func (t *DefaultToken) GetClientID() string
- func (t *DefaultToken) GetCode() string
- func (t *DefaultToken) GetCodeCreateAt() time.Time
- func (t *DefaultToken) GetCodeExpiresIn() time.Duration
- func (t *DefaultToken) GetRedirectURI() string
- func (t *DefaultToken) GetRefresh() string
- func (t *DefaultToken) GetRefreshCreateAt() time.Time
- func (t *DefaultToken) GetRefreshExpiresIn() time.Duration
- func (t *DefaultToken) GetScope() string
- func (t *DefaultToken) GetUsername() string
- func (t *DefaultToken) New() Token
- func (t *DefaultToken) SetAccess(access string)
- func (t *DefaultToken) SetAccessCreateAt(createAt time.Time)
- func (t *DefaultToken) SetAccessExpiresIn(exp time.Duration)
- func (t *DefaultToken) SetClientID(clientID string)
- func (t *DefaultToken) SetCode(code string)
- func (t *DefaultToken) SetCodeCreateAt(createAt time.Time)
- func (t *DefaultToken) SetCodeExpiresIn(exp time.Duration)
- func (t *DefaultToken) SetRedirectURI(redirectURI string)
- func (t *DefaultToken) SetRefresh(refresh string)
- func (t *DefaultToken) SetRefreshCreateAt(createAt time.Time)
- func (t *DefaultToken) SetRefreshExpiresIn(exp time.Duration)
- func (t *DefaultToken) SetScope(scope string)
- func (t *DefaultToken) SetUsername(userID string)
- type DefaultUser
- type ErrorResponse
- type GenerateBasic
- type GrantType
- type Manager
- type PasswordEncoder
- type ResponseType
- type Token
- type TokenGenerateRequest
- type TokenStore
- type User
- type UserStore
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrInvalidRedirectURI = errors.New("invalid redirect uri") ErrInvalidAuthorizeCode = errors.New("invalid authorize code") ErrInvalidAccessToken = errors.New("invalid access token") ErrInvalidRefreshToken = errors.New("invalid refresh token") ErrExpiredAccessToken = errors.New("expired access token") ErrExpiredRefreshToken = errors.New("expired refresh token") )
known errors
View Source
var ( ErrInvalidRequest = errors.New("invalid_request") ErrInvalidClient = errors.New("invalid_client") ErrInvalidGrant = errors.New("invalid_grant") ErrUnsupportedGrantType = errors.New("unsupported_grant_type") ErrInvalidScope = errors.New("invalid_scope") ErrAccessDenied = errors.New("access_denied") ErrUnsupportedResponseType = errors.New("unsupported_response_type") ErrServerError = errors.New("server_error") )
https://tools.ietf.org/html/rfc6749#section-5.2
View Source
var Descriptions = map[error]string{ ErrInvalidRequest: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed", ErrInvalidClient: "DefaultClient authentication failed", ErrInvalidGrant: "The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client", ErrUnauthorizedClient: "The client is not authorized to request an authorization code using this method", ErrUnsupportedGrantType: "The authorization grant type is not supported by the authorization server", ErrInvalidScope: "The requested scope is invalid, unknown, or malformed", ErrAccessDenied: "The resource owner or authorization server denied the request", ErrUnsupportedResponseType: "The authorization server does not support obtaining an authorization code using this method", ErrServerError: "The authorization server encountered an unexpected condition that prevented it from fulfilling the request", ErrTemporarilyUnavailable: "The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server", }
Descriptions error description
View Source
var StatusCodes = map[error]int{ ErrInvalidRequest: 400, ErrInvalidClient: 401, ErrInvalidGrant: 401, ErrUnauthorizedClient: 401, ErrUnsupportedGrantType: 401, ErrInvalidScope: 400, ErrAccessDenied: 403, ErrUnsupportedResponseType: 401, ErrServerError: 500, ErrTemporarilyUnavailable: 503, }
StatusCodes response error HTTP status code
Functions ¶
This section is empty.
Types ¶
type AccessGenerate ¶
type AccessGenerate interface {
Token(data *GenerateBasic, isGenRefresh bool) (access, refresh string, err error)
}
AccessGenerate generate the access and refresh tokens interface
type AuthorizeGenerate ¶
type AuthorizeGenerate interface {
Token(data *GenerateBasic) (code string, err error)
}
AuthorizeGenerate generate the authorization code interface
type Client ¶
type Client interface {
GetID() string
GetSecret() string
GetRedirectUri() string
GetScopes() []string
GetGrantTypes() []GrantType
GetAccessTokenExp() time.Duration
GetRefreshTokenExp() time.Duration
}
Client interface for OAuth 2
type ClientStore ¶
type ClientStore interface {
// according to the ID for the client information
GetByID(id string) (Client, error)
}
ClientStore the client information storage interface
type DefaultClient ¶
type DefaultClient struct {
ID string
Secret string
RedirectUri string
Scopes []string
GrantTypes []GrantType
AccessTokenExp time.Duration
RefreshTokenExp time.Duration
}
DefaultClient s a simple default implementation of the Client interface.
func (*DefaultClient) GetAccessTokenExp ¶
func (c *DefaultClient) GetAccessTokenExp() time.Duration
GetAccessTokenExp access token validity seconds
func (*DefaultClient) GetGrantTypes ¶
func (c *DefaultClient) GetGrantTypes() []GrantType
GetGrantTypes authorized grant types
func (*DefaultClient) GetRedirectUri ¶
func (c *DefaultClient) GetRedirectUri() string
GetRedirectUri client domain
func (*DefaultClient) GetRefreshTokenExp ¶
func (c *DefaultClient) GetRefreshTokenExp() time.Duration
GetRefreshTokenExp refresh validity seconds
func (*DefaultClient) GetSecret ¶
func (c *DefaultClient) GetSecret() string
GetSecret client domain
type DefaultToken ¶
type DefaultToken struct {
ClientID string `bson:"ClientID"`
Username string `bson:"Username"`
RedirectURI string `bson:"RedirectURI"`
Scope string `bson:"Scope"`
Code string `bson:"Code"`
CodeCreateAt time.Time `bson:"CodeCreateAt"`
CodeExpiresIn time.Duration `bson:"CodeExpiresIn"`
Access string `bson:"Access"`
AccessCreateAt time.Time `bson:"AccessCreateAt"`
AccessExpiresIn time.Duration `bson:"AccessExpiresIn"`
Refresh string `bson:"Refresh"`
RefreshCreateAt time.Time `bson:"RefreshCreateAt"`
RefreshExpiresIn time.Duration `bson:"RefreshExpiresIn"`
}
DefaultToken token model
func (*DefaultToken) GetAccess ¶
func (t *DefaultToken) GetAccess() string
GetAccess access DefaultToken
func (*DefaultToken) GetAccessCreateAt ¶
func (t *DefaultToken) GetAccessCreateAt() time.Time
GetAccessCreateAt create Time
func (*DefaultToken) GetAccessExpiresIn ¶
func (t *DefaultToken) GetAccessExpiresIn() time.Duration
GetAccessExpiresIn the lifetime in seconds of the access token
func (*DefaultToken) GetClientID ¶
func (t *DefaultToken) GetClientID() string
GetClientID the client id
func (*DefaultToken) GetCodeCreateAt ¶
func (t *DefaultToken) GetCodeCreateAt() time.Time
GetCodeCreateAt create Time
func (*DefaultToken) GetCodeExpiresIn ¶
func (t *DefaultToken) GetCodeExpiresIn() time.Duration
GetCodeExpiresIn the lifetime in seconds of the authorization code
func (*DefaultToken) GetRedirectURI ¶
func (t *DefaultToken) GetRedirectURI() string
GetRedirectURI redirect URI
func (*DefaultToken) GetRefresh ¶
func (t *DefaultToken) GetRefresh() string
GetRefresh refresh DefaultToken
func (*DefaultToken) GetRefreshCreateAt ¶
func (t *DefaultToken) GetRefreshCreateAt() time.Time
GetRefreshCreateAt create Time
func (*DefaultToken) GetRefreshExpiresIn ¶
func (t *DefaultToken) GetRefreshExpiresIn() time.Duration
GetRefreshExpiresIn the lifetime in seconds of the refresh token
func (*DefaultToken) GetScope ¶
func (t *DefaultToken) GetScope() string
GetScope get scope of authorization
func (*DefaultToken) GetUsername ¶
func (t *DefaultToken) GetUsername() string
GetUsername the user id
func (*DefaultToken) SetAccess ¶
func (t *DefaultToken) SetAccess(access string)
SetAccess access DefaultToken
func (*DefaultToken) SetAccessCreateAt ¶
func (t *DefaultToken) SetAccessCreateAt(createAt time.Time)
SetAccessCreateAt create Time
func (*DefaultToken) SetAccessExpiresIn ¶
func (t *DefaultToken) SetAccessExpiresIn(exp time.Duration)
SetAccessExpiresIn the lifetime in seconds of the access token
func (*DefaultToken) SetClientID ¶
func (t *DefaultToken) SetClientID(clientID string)
SetClientID the client id
func (*DefaultToken) SetCode ¶
func (t *DefaultToken) SetCode(code string)
SetCode authorization code
func (*DefaultToken) SetCodeCreateAt ¶
func (t *DefaultToken) SetCodeCreateAt(createAt time.Time)
SetCodeCreateAt create Time
func (*DefaultToken) SetCodeExpiresIn ¶
func (t *DefaultToken) SetCodeExpiresIn(exp time.Duration)
SetCodeExpiresIn the lifetime in seconds of the authorization code
func (*DefaultToken) SetRedirectURI ¶
func (t *DefaultToken) SetRedirectURI(redirectURI string)
SetRedirectURI redirect URI
func (*DefaultToken) SetRefresh ¶
func (t *DefaultToken) SetRefresh(refresh string)
SetRefresh refresh DefaultToken
func (*DefaultToken) SetRefreshCreateAt ¶
func (t *DefaultToken) SetRefreshCreateAt(createAt time.Time)
SetRefreshCreateAt create Time
func (*DefaultToken) SetRefreshExpiresIn ¶
func (t *DefaultToken) SetRefreshExpiresIn(exp time.Duration)
SetRefreshExpiresIn the lifetime in seconds of the refresh token
func (*DefaultToken) SetScope ¶
func (t *DefaultToken) SetScope(scope string)
SetScope get scope of authorization
func (*DefaultToken) SetUsername ¶
func (t *DefaultToken) SetUsername(userID string)
SetUsername the user id
type DefaultUser ¶
type DefaultUser struct {
ID uint64 `json:"id"`
Username string `json:"username"`
Password string `json:"-"`
}
DefaultUser
func (*DefaultUser) GetID ¶
func (u *DefaultUser) GetID() uint64
func (*DefaultUser) GetPassword ¶
func (u *DefaultUser) GetPassword() string
func (*DefaultUser) GetUsername ¶
func (u *DefaultUser) GetUsername() string
type ErrorResponse ¶
type ErrorResponse struct {
Error error
ErrorCode int
Description string
URI string
StatusCode int
Header http.Header
}
ErrorResponse error response
func NewErrorResponse ¶
func NewErrorResponse(err error, statusCode int) *ErrorResponse
NewErrorResponse create the response pointer
func (*ErrorResponse) SetHeader ¶
func (r *ErrorResponse) SetHeader(key, value string)
SetHeader sets the header entries associated with key to the single element value.
type GenerateBasic ¶
GenerateBasic provide the basis of the generated token data
type GrantType ¶
type GrantType string
GrantType authorization model
type Manager ¶
type Manager interface {
// check the interface implementation
CheckInterface() (err error)
// get the client information
GetClient(clientID string) (cli Client, err error)
LoadUserByUsername(username string) (User, error)
AuthenticateUser(username string, password string) (User, error)
// generate the authorization token(code)
GenerateAuthToken(rt ResponseType, tgr *TokenGenerateRequest, cli Client) (authToken Token, err error)
// generate the access token
GenerateAccessToken(rt GrantType, tgr *TokenGenerateRequest, cli Client) (accessToken Token, err error)
// refreshing an access token
RefreshAccessToken(tgr *TokenGenerateRequest) (accessToken Token, err error)
// use the access token to delete the token information
RemoveAccessToken(access string) (err error)
// use the refresh token to delete the token information
RemoveRefreshToken(refresh string) (err error)
// according to the access token for corresponding token information
LoadAccessToken(access string) (accessToken Token, err error)
// according to the refresh token for corresponding token information
LoadRefreshToken(refresh string) (refreshToken Token, err error)
}
Manager authorization management interface
type PasswordEncoder ¶
type ResponseType ¶
type ResponseType string
ResponseType the type of authorization request
const ( CodeRsp ResponseType = "code" TokenRsp ResponseType = "token" )
define the type of authorization request
func (ResponseType) String ¶
func (rt ResponseType) String() string
type Token ¶
type Token interface {
New() Token
GetClientID() string
SetClientID(string)
GetUsername() string
SetUsername(string)
GetRedirectURI() string
SetRedirectURI(string)
GetScope() string
SetScope(string)
GetCode() string
SetCode(string)
GetCodeCreateAt() time.Time
SetCodeCreateAt(time.Time)
GetCodeExpiresIn() time.Duration
SetCodeExpiresIn(time.Duration)
GetAccess() string
SetAccess(string)
GetAccessCreateAt() time.Time
SetAccessCreateAt(time.Time)
GetAccessExpiresIn() time.Duration
SetAccessExpiresIn(time.Duration)
GetRefresh() string
SetRefresh(string)
GetRefreshCreateAt() time.Time
SetRefreshCreateAt(time.Time)
GetRefreshExpiresIn() time.Duration
SetRefreshExpiresIn(time.Duration)
}
Token the token information model interface
type TokenGenerateRequest ¶
type TokenGenerateRequest struct {
ClientID string
ClientSecret string
UserID string
RedirectURI string
Scope string
Code string
Refresh string
AccessTokenExp time.Duration
}
TokenGenerateRequest provide to generate the token request parameters
type TokenStore ¶
type TokenStore interface {
// create and store the new token information
Create(token Token) error
// delete the authorization code
RemoveByCode(code string) error
// use the access token to delete the token information
RemoveByAccess(access string) error
// use the refresh token to delete the token information
RemoveByRefresh(refresh string) error
// use the authorization code for token information data
GetByCode(code string) (Token, error)
// use the access token for token information data
GetByAccess(access string) (Token, error)
// use the refresh token for token information data
GetByRefresh(refresh string) (Token, error)
}
TokenStore the token information storage interface
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.