oauth

package
v0.0.0-...-a89b161 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 15, 2016 License: MPL-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

// TokenType is the default type of generated tokens.
// NOTE(review): "Bearer" tokens authorise whoever presents the value, so any
// response or log line that carries one is sensitive; confirm the service is
// only exposed over TLS.
const TokenType = "Bearer"

TokenType is default type of generated tokens.

Variables

var (
	// ErrAccessTokenNotFound carries the message "Access token not found".
	// Presumably returned by Authenticate when no stored token matches the
	// presented value; confirm against the implementation.
	ErrAccessTokenNotFound = errors.New("Access token not found")
	// ErrAccessTokenExpired carries the message "Access token expired".
	// Presumably returned when the matching token's ExpiresAt has passed; confirm.
	ErrAccessTokenExpired = errors.New("Access token expired")
)
var (
	// ErrAuthorizationCodeNotFound carries the message "Authorization code
	// not found". Presumably returned when a presented code matches no stored
	// AuthorizationCode row; confirm against the implementation.
	ErrAuthorizationCodeNotFound = errors.New("Authorization code not found")
	// ErrAuthorizationCodeExpired carries the message "Authorization code
	// expired". Presumably returned when the code's ExpiresAt has passed; confirm.
	ErrAuthorizationCodeExpired = errors.New("Authorization code expired")
)
var (
	// ErrClientNotFound carries the message "Client not found".
	ErrClientNotFound = errors.New("Client not found")
	// ErrInvalidClientSecret carries the message "Invalid client secret".
	// NOTE(review): an unknown client and a wrong secret produce different
	// errors. If AuthClient's error text reaches the HTTP response unchanged,
	// a caller can tell which client IDs exist; verify that handlers collapse
	// both into one generic authentication failure.
	ErrInvalidClientSecret = errors.New("Invalid client secret")
)
var (
	// ErrInvalidGrantType carries the message "Invalid grant type".
	// Presumably returned by the token handler for an unsupported grant_type
	// value; the handler is not shown here, so confirm.
	ErrInvalidGrantType = errors.New("Invalid grant type")
	// ErrClientAuthenticationRequired carries the message "Client
	// authentication required". Presumably returned when a request arrives
	// without client credentials; confirm against the handlers.
	ErrClientAuthenticationRequired = errors.New("Client authentication required")
)
var (
	// ErrTokenMissing carries the message "Token missing".
	// Presumably raised when a request omits its token parameter (for
	// example on the introspection endpoint); confirm against the handlers.
	ErrTokenMissing = errors.New("Token missing")
	// ErrTokenHintInvalid carries the message "Invalid token hint".
	// Presumably raised for an unrecognised token type hint; confirm.
	ErrTokenHintInvalid = errors.New("Invalid token hint")
)
var (
	// ErrRefreshTokenNotFound carries the message "Refresh token not found".
	// Presumably returned by GetValidRefreshToken when no stored token matches
	// the presented value for the given client; confirm.
	ErrRefreshTokenNotFound = errors.New("Refresh token not found")
	// ErrRefreshTokenExpired carries the message "Refresh token expired".
	// Presumably returned when the token's ExpiresAt has passed; confirm.
	ErrRefreshTokenExpired = errors.New("Refresh token expired")
)
var (
	// ErrUserNotFound carries the message "User not found".
	ErrUserNotFound = errors.New("User not found")
	// ErrInvalidUserPassword carries the message "Invalid user password".
	// NOTE(review): an unknown username and a wrong password produce
	// different errors. If AuthUser's error text is shown to the end user,
	// it reveals which usernames are registered; verify that the login path
	// reports a single generic failure.
	ErrInvalidUserPassword = errors.New("Invalid user password")
	// ErrCannotSetEmptyUserPassword carries the message "Cannot set empty
	// user password". Presumably returned by SetPassword for an empty
	// password argument; confirm.
	ErrCannotSetEmptyUserPassword = errors.New("Cannot set empty user password")
	// ErrUserPasswordNotSet carries the message "User password not set".
	// Presumably returned by AuthUser when the user's nullable Password
	// column holds no value; confirm.
	ErrUserPasswordNotSet = errors.New("User password not set")
)
var (
	// ErrInvalidRedirectURI carries the message "Invalid redirect URI".
	// Presumably returned when a request's redirect URI does not match the
	// one stored for the client or authorization code; the comparison is not
	// shown here, so confirm that it is an exact match.
	ErrInvalidRedirectURI = errors.New("Invalid redirect URI")
)
var (
	// ErrInvalidScope carries the message "Invalid scope".
	// Presumably returned by GetScope when a non-empty requested scope fails
	// validation; confirm against the implementation.
	ErrInvalidScope = errors.New("Invalid scope")
)
var (
	// ErrRequestedScopeCannotBeGreater carries the message "Requested scope
	// cannot be greater". Presumably returned when a refresh or code exchange
	// asks for more scope than was originally granted; confirm where the
	// comparison is made and how scope strings are compared.
	ErrRequestedScopeCannotBeGreater = errors.New("Requested scope cannot be greater")
)
var (
	// ErrUserAuthenticationRequired carries the message "User authentication
	// required". Presumably returned when a request that needs a resource
	// owner arrives without user credentials; confirm against the handlers.
	ErrUserAuthenticationRequired = errors.New("User authentication required")
)

Functions

func MigrateAll

func MigrateAll(db *gorm.DB) error

MigrateAll executes all migrations

func RegisterRoutes

func RegisterRoutes(router *mux.Router, service *Service)

RegisterRoutes registers route handlers for the oauth service

Types

type AccessToken

// AccessToken is the database model for an issued access token.
type AccessToken struct {
	gorm.Model
	// ClientID is indexed and required.
	ClientID  sql.NullInt64 `sql:"index;not null"`
	// UserID is indexed but nullable; presumably empty for tokens issued to
	// a client with no resource owner involved (confirm).
	UserID    sql.NullInt64 `sql:"index"`
	Client    *Client
	User      *User
	// Token is the token value, unique and at most 40 characters.
	// NOTE(review): Authenticate(token string) looks tokens up by value, so
	// this column appears to hold the token as issued rather than a digest.
	// If so, read access to the table yields usable bearer tokens; confirm,
	// and consider storing a hash of the token instead.
	Token     string    `sql:"type:varchar(40);unique;not null"`
	// ExpiresAt is required; presumably checked on every Authenticate call.
	ExpiresAt time.Time `sql:"not null"`
	// Scope is the granted scope string, at most 200 characters.
	Scope     string    `sql:"type:varchar(200);not null"`
}

AccessToken ...

func NewAccessToken

func NewAccessToken(client *Client, user *User, expiresIn int, scope string) *AccessToken

NewAccessToken creates new AccessToken instance

func (*AccessToken) TableName

func (at *AccessToken) TableName() string

TableName specifies table name

type AccessTokenResponse

// AccessTokenResponse is the JSON body describing a granted token.
// access_token, token_type, expires_in, scope and refresh_token are the
// member names defined for token responses in RFC 6749 section 5.1; id and
// user_id are additions of this package.
// NOTE(review): the body carries live credentials. RFC 6749 section 5.1
// requires "Cache-Control: no-store" and "Pragma: no-cache" on such
// responses; the handler is not shown here, so confirm that it sets them.
type AccessTokenResponse struct {
	// ID is presumably the access token's database row ID (confirm).
	ID           uint   `json:"id"`
	// UserID is omitted from the JSON when zero.
	UserID       uint   `json:"user_id,omitempty"`
	AccessToken  string `json:"access_token"`
	ExpiresIn    int    `json:"expires_in"`
	TokenType    string `json:"token_type"`
	Scope        string `json:"scope"`
	// RefreshToken is omitted from the JSON when empty.
	RefreshToken string `json:"refresh_token,omitempty"`
}

AccessTokenResponse ...

type AuthorizationCode

// AuthorizationCode is the database model for an issued authorization code.
// Unlike the token models, both ClientID and UserID are required.
type AuthorizationCode struct {
	gorm.Model
	ClientID    sql.NullInt64 `sql:"index;not null"`
	UserID      sql.NullInt64 `sql:"index;not null"`
	Client      *Client
	User        *User
	// Code is the code value, unique and at most 40 characters.
	// NOTE(review): authorization codes must be single use and short lived
	// (RFC 6749 section 4.1.2). Nothing in this model records redemption, so
	// presumably the row is deleted on exchange; confirm.
	Code        string         `sql:"type:varchar(40);unique;not null"`
	// RedirectURI is nullable. Presumably it records the redirect URI sent
	// with the authorization request so the token request can be checked
	// against it (RFC 6749 section 4.1.3); confirm.
	RedirectURI sql.NullString `sql:"type:varchar(200)"`
	ExpiresAt   time.Time      `sql:"not null"`
	Scope       string         `sql:"type:varchar(200);not null"`
}

AuthorizationCode ...

func NewAuthorizationCode

func NewAuthorizationCode(client *Client, user *User, expiresIn int, redirectURI, scope string) *AuthorizationCode

NewAuthorizationCode creates new AuthorizationCode instance

func (*AuthorizationCode) TableName

func (ac *AuthorizationCode) TableName() string

TableName specifies table name

type Client

// Client is the database model for a registered OAuth client.
type Client struct {
	gorm.Model
	// Key is unique and at most 254 characters; presumably the client ID
	// that AuthClient and FindClientByClientID look up (confirm).
	Key         string         `sql:"type:varchar(254);unique;not null"`
	// Secret is limited to 60 characters, which is the length of a bcrypt
	// hash string. Presumably the column stores a hash and never the raw
	// secret; confirm in CreateClient.
	Secret      string         `sql:"type:varchar(60);not null"`
	// RedirectURI is nullable, so a client can exist without a registered
	// redirect URI.
	// NOTE(review): verify that the authorization endpoint does not accept
	// an arbitrary request-supplied redirect URI for such clients.
	RedirectURI sql.NullString `sql:"type:varchar(200)"`
}

Client ...

func (*Client) TableName

func (c *Client) TableName() string

TableName specifies table name

type IntrospectResponse

// IntrospectResponse is the JSON body of a token introspection reply. Its
// member names (active, scope, client_id, username, token_type, exp) are
// those defined in RFC 7662 section 2.2.
// Every field except Active is omitted when zero, so a value with only
// Active set encodes as {"active":false}.
// NOTE(review): RFC 7662 says a reply for an inactive token should not
// carry additional information; confirm that callers leave the other
// fields empty in that case.
type IntrospectResponse struct {
	Active    bool   `json:"active"`
	Scope     string `json:"scope,omitempty"`
	ClientID  string `json:"client_id,omitempty"`
	Username  string `json:"username,omitempty"`
	TokenType string `json:"token_type,omitempty"`
	// ExpiresAt is encoded as "exp"; presumably a Unix timestamp in seconds
	// (confirm). Its type is the platform-sized int.
	ExpiresAt int    `json:"exp,omitempty"`
}

IntrospectResponse ...

type RefreshToken

// RefreshToken is the database model for an issued refresh token. Its
// columns mirror those of AccessToken.
type RefreshToken struct {
	gorm.Model
	ClientID  sql.NullInt64 `sql:"index;not null"`
	// UserID is indexed but nullable.
	UserID    sql.NullInt64 `sql:"index"`
	Client    *Client
	User      *User
	// Token is the token value, unique and at most 40 characters.
	// NOTE(review): GetValidRefreshToken(token, client) looks tokens up by
	// value, so this column appears to hold the token as issued rather than
	// a digest. Refresh tokens are usually long lived, which makes a database
	// disclosure more damaging; confirm, and consider storing a hash.
	Token     string    `sql:"type:varchar(40);unique;not null"`
	ExpiresAt time.Time `sql:"not null"`
	Scope     string    `sql:"type:varchar(200);not null"`
}

RefreshToken ...

func NewRefreshToken

func NewRefreshToken(client *Client, user *User, expiresIn int, scope string) *RefreshToken

NewRefreshToken creates new RefreshToken instance

func (*RefreshToken) TableName

func (rt *RefreshToken) TableName() string

TableName specifies table name

type Scope

// Scope is the database model for a scope known to the service.
type Scope struct {
	gorm.Model
	// Scope is the scope name, unique and at most 200 characters.
	Scope       string `sql:"type:varchar(200);unique;not null"`
	// Description is optional.
	Description sql.NullString
	// IsDefault defaults to false. Presumably it marks the scopes that
	// GetScope returns when a request names none (confirm).
	// NOTE(review): default scopes are granted without being asked for, so
	// the rows flagged here should stay minimal.
	IsDefault   bool `sql:"default:false"`
}

Scope ...

func (*Scope) TableName

func (s *Scope) TableName() string

TableName specifies table name

type Service

// Service is the concrete oauth service. Its fields are unexported and not
// shown in this listing; instances are built with NewService(cnf, db).
type Service struct {
	// contains filtered or unexported fields
}

Service struct keeps objects to avoid passing them around

func NewService

func NewService(cnf *config.Config, db *gorm.DB) *Service

NewService starts a new Service instance

func (*Service) AuthClient

func (s *Service) AuthClient(clientID, secret string) (*Client, error)

AuthClient authenticates client

func (*Service) AuthUser

func (s *Service) AuthUser(username, password string) (*User, error)

AuthUser authenticates user

func (*Service) Authenticate

func (s *Service) Authenticate(token string) (*AccessToken, error)

Authenticate checks that the access token is valid

func (*Service) ClientExists

func (s *Service) ClientExists(clientID string) bool

ClientExists returns true if client exists

func (*Service) CreateClient

func (s *Service) CreateClient(clientID, secret, redirectURI string) (*Client, error)

CreateClient saves a new client to database

func (*Service) CreateClientTx

func (s *Service) CreateClientTx(tx *gorm.DB, clientID, secret, redirectURI string) (*Client, error)

CreateClientTx saves a new client to database using injected db object

func (*Service) CreateUser

func (s *Service) CreateUser(username, password string) (*User, error)

CreateUser saves a new user to database

func (*Service) CreateUserTx

func (s *Service) CreateUserTx(tx *gorm.DB, username, password string) (*User, error)

CreateUserTx saves a new user to database using injected db object

func (*Service) FindClientByClientID

func (s *Service) FindClientByClientID(clientID string) (*Client, error)

FindClientByClientID looks up a client by client ID

func (*Service) FindUserByUsername

func (s *Service) FindUserByUsername(username string) (*User, error)

FindUserByUsername looks up a user by username

func (*Service) GetOrCreateRefreshToken

func (s *Service) GetOrCreateRefreshToken(client *Client, user *User, expiresIn int, scope string) (*RefreshToken, error)

GetOrCreateRefreshToken retrieves an existing refresh token; if it has expired, the token is deleted and a new refresh token is created

func (*Service) GetScope

func (s *Service) GetScope(requestedScope string) (string, error)

GetScope takes a requested scope; if it is empty, it returns the default scope, otherwise it validates the requested scope

func (*Service) GetValidRefreshToken

func (s *Service) GetValidRefreshToken(token string, client *Client) (*RefreshToken, error)

GetValidRefreshToken returns a valid non expired refresh token

func (*Service) GrantAccessToken

func (s *Service) GrantAccessToken(client *Client, user *User, expiresIn int, scope string) (*AccessToken, error)

GrantAccessToken deletes old tokens and grants a new access token

func (*Service) GrantAuthorizationCode

func (s *Service) GrantAuthorizationCode(client *Client, user *User, expiresIn int, redirectURI, scope string) (*AuthorizationCode, error)

GrantAuthorizationCode grants a new authorization code

func (*Service) IntrospectResponseAccessToken

func (s *Service) IntrospectResponseAccessToken(at *AccessToken) *IntrospectResponse

func (*Service) IntrospectResponseRefreshToken

func (s *Service) IntrospectResponseRefreshToken(rt *RefreshToken) *IntrospectResponse

func (*Service) Login

func (s *Service) Login(client *Client, user *User, scope string) (*AccessToken, *RefreshToken, error)

Login creates an access token and refresh token for a user (logs him/her in)

func (*Service) SetPassword

func (s *Service) SetPassword(user *User, password string) error

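SetPassword saves a new user to database (this wording duplicates CreateUser's; judging by its signature, SetPassword sets the password of the given user)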

func (*Service) UserExists

func (s *Service) UserExists(username string) bool

UserExists returns true if user exists

type ServiceInterface

// ServiceInterface lists the exported operations of the oauth service. It
// also has unexported methods not shown in this listing, so only types in
// this package can implement it.
type ServiceInterface interface {
	// Exported methods

	// Client lookup, creation and authentication. The *Tx variant takes the
	// gorm handle to use as its first argument.
	ClientExists(clientID string) bool
	FindClientByClientID(clientID string) (*Client, error)
	CreateClient(clientID, secret, redirectURI string) (*Client, error)
	CreateClientTx(tx *gorm.DB, clientID, secret, redirectURI string) (*Client, error)
	AuthClient(clientID, secret string) (*Client, error)

	// User lookup, creation and authentication.
	// NOTE(review): UserExists and ClientExists answer yes or no for any
	// name; confirm that they are not reachable from unauthenticated
	// endpoints without rate limiting.
	UserExists(username string) bool
	FindUserByUsername(username string) (*User, error)
	CreateUser(username, password string) (*User, error)
	CreateUserTx(tx *gorm.DB, username, password string) (*User, error)
	SetPassword(user *User, password string) error
	AuthUser(username, thePassword string) (*User, error)

	// Scope resolution and token or code issuance.
	GetScope(requestedScope string) (string, error)
	Login(client *Client, user *User, scope string) (*AccessToken, *RefreshToken, error)
	GrantAuthorizationCode(client *Client, user *User, expiresIn int, redirectURI, scope string) (*AuthorizationCode, error)
	GrantAccessToken(client *Client, user *User, expiresIn int, scope string) (*AccessToken, error)
	GetOrCreateRefreshToken(client *Client, user *User, expiresIn int, scope string) (*RefreshToken, error)

	// Token validation. GetValidRefreshToken takes the client as well as
	// the token value; presumably the token must belong to that client
	// (confirm).
	GetValidRefreshToken(token string, client *Client) (*RefreshToken, error)
	Authenticate(token string) (*AccessToken, error)
	// contains filtered or unexported methods
}

ServiceInterface defines exported methods

type ServiceMock

// ServiceMock is a mocked object implementing ServiceInterface. It embeds
// mock.Mock, presumably from the testify mock package (confirm).
// NOTE(review): the type is exported from the same package as the
// production service, so the mock dependency appears to be part of
// non-test builds. Confirm that no production wiring can be handed a
// ServiceMock, whose Auth* methods return whatever the mock was told to.
type ServiceMock struct {
	mock.Mock
}

ServiceMock is a mocked object implementing ServiceInterface

func (*ServiceMock) AuthClient

func (_m *ServiceMock) AuthClient(clientID string, secret string) (*Client, error)

AuthClient ...

func (*ServiceMock) AuthUser

func (_m *ServiceMock) AuthUser(username string, thePassword string) (*User, error)

AuthUser ...

func (*ServiceMock) Authenticate

func (_m *ServiceMock) Authenticate(token string) (*AccessToken, error)

Authenticate ...

func (*ServiceMock) ClientExists

func (_m *ServiceMock) ClientExists(clientID string) bool

ClientExists ...

func (*ServiceMock) CreateClient

func (_m *ServiceMock) CreateClient(clientID string, secret string, redirectURI string) (*Client, error)

CreateClient ...

func (*ServiceMock) CreateClientTx

func (_m *ServiceMock) CreateClientTx(tx *gorm.DB, clientID string, secret string, redirectURI string) (*Client, error)

CreateClientTx ...

func (*ServiceMock) CreateUser

func (_m *ServiceMock) CreateUser(username string, password string) (*User, error)

CreateUser ...

func (*ServiceMock) CreateUserTx

func (_m *ServiceMock) CreateUserTx(tx *gorm.DB, username string, password string) (*User, error)

CreateUserTx ...

func (*ServiceMock) FindClientByClientID

func (_m *ServiceMock) FindClientByClientID(clientID string) (*Client, error)

FindClientByClientID ...

func (*ServiceMock) FindUserByUsername

func (_m *ServiceMock) FindUserByUsername(username string) (*User, error)

FindUserByUsername ...

func (*ServiceMock) GetOrCreateRefreshToken

func (_m *ServiceMock) GetOrCreateRefreshToken(client *Client, user *User, expiresIn int, scope string) (*RefreshToken, error)

GetOrCreateRefreshToken ...

func (*ServiceMock) GetScope

func (_m *ServiceMock) GetScope(requestedScope string) (string, error)

GetScope ...

func (*ServiceMock) GetValidRefreshToken

func (_m *ServiceMock) GetValidRefreshToken(token string, client *Client) (*RefreshToken, error)

GetValidRefreshToken ...

func (*ServiceMock) GrantAccessToken

func (_m *ServiceMock) GrantAccessToken(client *Client, user *User, expiresIn int, scope string) (*AccessToken, error)

GrantAccessToken ...

func (*ServiceMock) GrantAuthorizationCode

func (_m *ServiceMock) GrantAuthorizationCode(client *Client, user *User, expiresIn int, redirectURI string, scope string) (*AuthorizationCode, error)

GrantAuthorizationCode ...

func (*ServiceMock) Login

func (_m *ServiceMock) Login(client *Client, user *User, scope string) (*AccessToken, *RefreshToken, error)

Login ...

func (*ServiceMock) SetPassword

func (_m *ServiceMock) SetPassword(user *User, password string) error

SetPassword ...

func (*ServiceMock) UserExists

func (_m *ServiceMock) UserExists(username string) bool

UserExists ...

type User

// User is the database model for a resource owner account.
type User struct {
	gorm.Model
	// Username is unique and at most 254 characters.
	Username string         `sql:"type:varchar(254);unique;not null"`
	// Password is nullable and limited to 60 characters, which is the length
	// of a bcrypt hash string. Presumably the column stores a hash and never
	// the raw password; confirm in CreateUser and SetPassword.
	// NOTE(review): a NULL value means no password is set. Verify that
	// AuthUser rejects such accounts outright instead of comparing against
	// an empty value.
	Password sql.NullString `sql:"type:varchar(60)"`
}

User ...

func (*User) TableName

func (u *User) TableName() string

TableName specifies table name
