path: root/vendor/github.com/superseriousbusiness/oauth2/v4/server/handler.go
blob: c871b1924b3f467eb8aa62bef27b45d3f968efc2 (plain)
package server

import (
	"net/http"
	"time"

	"github.com/superseriousbusiness/oauth2/v4"
	"github.com/superseriousbusiness/oauth2/v4/errors"
)

// ClientInfoHandler extracts the client ID and client secret from an
// incoming request. ClientFormHandler and ClientBasicHandler in this file
// both have this signature. The returned secret is a credential, so
// implementations and callers should keep it out of logs and error text.
type ClientInfoHandler func(r *http.Request) (clientID, clientSecret string, err error)

// ClientAuthorizedHandler reports whether the client identified by clientID
// is allowed to use the given authorization grant type.
type ClientAuthorizedHandler func(clientID string, grant oauth2.GrantType) (allowed bool, err error)

// ClientScopeHandler reports whether the client is allowed to use the scope
// carried by the token generation request.
type ClientScopeHandler func(tgr *oauth2.TokenGenerateRequest) (allowed bool, err error)

// UserAuthorizationHandler resolves the user ID from the authorization
// carried by the request. It also receives the ResponseWriter.
// NOTE(review): presumably so it can redirect to a login page; confirm
// against the server code that invokes it.
type UserAuthorizationHandler func(w http.ResponseWriter, r *http.Request) (userID string, err error)

// PasswordAuthorizationHandler resolves a user ID from a username and
// password pair. The password arrives as a plain string, so implementations
// should compare it against a stored hash and avoid logging it.
type PasswordAuthorizationHandler func(username, password string) (userID string, err error)

// RefreshingScopeHandler checks the scope requested while refreshing a token.
// oldScope is the scope of the token being refreshed.
// NOTE(review): preventing a refresh from widening scope beyond oldScope
// appears to be the implementer's job; confirm where this is called.
type RefreshingScopeHandler func(tgr *oauth2.TokenGenerateRequest, oldScope string) (allowed bool, err error)

// RefreshingValidationHandler reports whether a refresh token is still
// valid, for example that it has not been revoked.
type RefreshingValidationHandler func(ti oauth2.TokenInfo) (allowed bool, err error)

// ResponseErrorHandler is invoked with the error response.
// NOTE(review): the pointer argument suggests it may adjust the response
// before it is sent; confirm at the call site.
type ResponseErrorHandler func(re *errors.Response)

// InternalErrorHandler maps an internal error to an error response.
// Implementations should take care not to copy internal error detail into
// a response that is returned to the client.
type InternalErrorHandler func(err error) (re *errors.Response)

// AuthorizeScopeHandler determines the scope to authorize for the request.
type AuthorizeScopeHandler func(w http.ResponseWriter, r *http.Request) (scope string, err error)

// AccessTokenExpHandler determines the access token lifetime for the
// request. Despite the "expiration date" wording used upstream, the value
// returned is a time.Duration, not a point in time.
type AccessTokenExpHandler func(w http.ResponseWriter, r *http.Request) (exp time.Duration, err error)

// ExtensionFieldsHandler supplies extension fields to add to the access
// token response for the given token.
// NOTE(review): confirm whether keys that collide with the standard
// response fields are filtered by the caller.
type ExtensionFieldsHandler func(ti oauth2.TokenInfo) (fieldsValue map[string]interface{})

// ClientFormHandler reads the client credentials from the "client_id" and
// "client_secret" form values of the request.
//
// It returns errors.ErrInvalidClient when client_id is empty. The secret is
// returned as found and may be empty; it is not verified here.
//
// r.Form is read directly and not parsed by this function, so the caller
// must already have parsed the request (for example with r.ParseForm). An
// unparsed request has a nil Form and yields ErrInvalidClient.
//
// r.Form merges URL query parameters with body parameters, so credentials
// sent in the query string are accepted as well. RFC 6749 section 2.3.1
// requires client credentials to be sent in the request body and not in the
// request URI, where they tend to end up in access logs. Callers that need
// to enforce this should check r.PostForm before trusting the result.
func ClientFormHandler(r *http.Request) (string, string, error) {
	form := r.Form
	if id := form.Get("client_id"); id != "" {
		return id, form.Get("client_secret"), nil
	}
	return "", "", errors.ErrInvalidClient
}

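// ClientBasicHandler reads the client credentials from the HTTP Basic
// Authorization header, using the username as the client ID and the
// password as the client secret.
//
// It returns errors.ErrInvalidClient when the header is absent or is not
// valid Basic authentication, and also when the decoded client ID is empty.
// The empty-ID check matches ClientFormHandler, so a header that decodes to
// just ":" is rejected here and never reaches the client lookup.
//
// The secret is returned as decoded and is not verified here.
//
// NOTE(review): RFC 6749 section 2.3.1 has clients form-urlencode the ID
// and secret before Basic encoding. r.BasicAuth only base64-decodes the
// header, so percent-encoded credentials are returned still encoded.
// Confirm whether callers need to unescape them.
func ClientBasicHandler(r *http.Request) (string, string, error) {
	username, password, ok := r.BasicAuth()
	// BasicAuth reports ok for any well-formed header, including one with an
	// empty username, so the client ID is checked explicitly.
	if !ok || username == "" {
		return "", "", errors.ErrInvalidClient
	}
	return username, password, nil
}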