auth

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 18, 2026 License: MIT Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrTokenExpired = errors.New("token has expired")
	ErrTokenInvalid = errors.New("token is invalid")
)
View Source 
var (
	// GitHub OAuth 配置
	GitHubOAuth = func(clientID, clientSecret, redirectURL string) OAuthConfig {
		return OAuthConfig{
			ClientID:     clientID,
			ClientSecret: clientSecret,
			RedirectURL:  redirectURL,
			Scopes:       []string{"user:email"},
			AuthURL:      "https://github.com/login/oauth/authorize",
			TokenURL:     "https://github.com/login/oauth/access_token",
			UserInfoURL:  "https://api.github.com/user",
		}
	}

	// Google OAuth 配置
	GoogleOAuth = func(clientID, clientSecret, redirectURL string) OAuthConfig {
		return OAuthConfig{
			ClientID:     clientID,
			ClientSecret: clientSecret,
			RedirectURL:  redirectURL,
			Scopes:       []string{"openid", "profile", "email"},
			AuthURL:      "https://accounts.google.com/o/oauth2/v2/auth",
			TokenURL:     "https://oauth2.googleapis.com/token",
			UserInfoURL:  "https://www.googleapis.com/oauth2/v2/userinfo",
		}
	}

	// Facebook OAuth 配置
	FacebookOAuth = func(clientID, clientSecret, redirectURL string) OAuthConfig {
		return OAuthConfig{
			ClientID:     clientID,
			ClientSecret: clientSecret,
			RedirectURL:  redirectURL,
			Scopes:       []string{"email", "public_profile"},
			AuthURL:      "https://www.facebook.com/v12.0/dialog/oauth",
			TokenURL:     "https://graph.facebook.com/v12.0/oauth/access_token",
			UserInfoURL:  "https://graph.facebook.com/me?fields=id,name,email",
		}
	}
)

预定义的 OAuth 提供商配置

View Source 
var (
	ErrInvalidCode  = errors.New("oauth: invalid authorization code")
	ErrInvalidToken = errors.New("oauth: invalid token")
)

Functions

func GenerateState 

func GenerateState() string

GenerateState 生成随机 state

Types

type Claims 

type Claims struct {
	UserID   string                 `json:"user_id"`
	Username string                 `json:"username"`
	Email    string                 `json:"email"`
	Extra    map[string]interface{} `json:"extra,omitempty"`
	jwt.RegisteredClaims
}

Claims JWT 声明

type JWTAuth 

type JWTAuth struct {
	// contains filtered or unexported fields
}

JWTAuth JWT 认证

func NewJWTAuth 

func NewJWTAuth(config JWTConfig) *JWTAuth

NewJWTAuth 创建 JWT 认证实例

func (*JWTAuth) GenerateToken 

func (j *JWTAuth) GenerateToken(userID, username, email string, extra ...map[string]interface{}) (string, error)

GenerateToken 生成 Token

func (*JWTAuth) ParseToken 

func (j *JWTAuth) ParseToken(tokenString string) (*Claims, error)

ParseToken 解析 Token

func (*JWTAuth) RefreshToken 

func (j *JWTAuth) RefreshToken(tokenString string) (string, error)

RefreshToken 刷新 Token

func (*JWTAuth) ValidateToken 

func (j *JWTAuth) ValidateToken(tokenString string) bool

ValidateToken 验证 Token

type JWTConfig 

type JWTConfig struct {
	SecretKey  string
	Issuer     string
	ExpireTime time.Duration
}

JWT 配置

type OAuthConfig 

type OAuthConfig struct {
	ClientID     string
	ClientSecret string
	RedirectURL  string
	Scopes       []string
	AuthURL      string
	TokenURL     string
	UserInfoURL  string
}

OAuthConfig OAuth 配置

type OAuthProvider 

type OAuthProvider struct {
	// contains filtered or unexported fields
}

OAuthProvider OAuth 提供商

func NewOAuthProvider 

func NewOAuthProvider(config OAuthConfig) *OAuthProvider

NewOAuthProvider 创建 OAuth 提供商

func (*OAuthProvider) ExchangeToken 

func (o *OAuthProvider) ExchangeToken(ctx context.Context, code string) (*OAuthToken, error)

ExchangeToken 用授权码交换 Token

func (*OAuthProvider) GetAuthURL 

func (o *OAuthProvider) GetAuthURL(state string) string

GetAuthURL 获取授权URL

func (*OAuthProvider) GetUserInfo 

func (o *OAuthProvider) GetUserInfo(ctx context.Context, accessToken string) (map[string]interface{}, error)

GetUserInfo 获取用户信息

func (*OAuthProvider) RefreshAccessToken 

func (o *OAuthProvider) RefreshAccessToken(ctx context.Context, refreshToken string) (*OAuthToken, error)

RefreshAccessToken 刷新访问令牌

type OAuthToken 

type OAuthToken struct {
	AccessToken  string `json:"access_token"`
	TokenType    string `json:"token_type"`
	ExpiresIn    int    `json:"expires_in"`
	RefreshToken string `json:"refresh_token"`
	Scope        string `json:"scope"`
}

OAuthToken OAuth Token 响应

type Permission 

type Permission struct {
	ID          string
	Name        string
	Description string
}

Permission 权限

type RBAC 

type RBAC struct {
	// contains filtered or unexported fields
}

RBAC 基于角色的访问控制

func NewRBAC 

func NewRBAC() *RBAC

NewRBAC 创建 RBAC 实例

func (*RBAC) AddPermission 

func (r *RBAC) AddPermission(perm *Permission)

AddPermission 添加权限

func (*RBAC) AddRole 

func (r *RBAC) AddRole(role *Role)

AddRole 添加角色

func (*RBAC) AssignRole 

func (r *RBAC) AssignRole(userID, roleID string)

AssignRole 分配角色给用户

func (*RBAC) GetUserPermissions 

func (r *RBAC) GetUserPermissions(userID string) []*Permission

GetUserPermissions 获取用户所有权限

func (*RBAC) GetUserRoles 

func (r *RBAC) GetUserRoles(userID string) []*Role

GetUserRoles 获取用户所有角色

func (*RBAC) HasPermission 

func (r *RBAC) HasPermission(userID, permID string) bool

HasPermission 检查用户是否有指定权限

func (*RBAC) HasRole 

func (r *RBAC) HasRole(userID, roleID string) bool

HasRole 检查用户是否有指定角色

func (*RBAC) RevokeRole 

func (r *RBAC) RevokeRole(userID, roleID string)

RevokeRole 撤销用户角色

type Role 

type Role struct {
	ID          string
	Name        string
	Permissions []string
}

Role 角色

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.