README
¶
OSIN Example
The purpose of this repository is to provide Golang example code of an identity provider using oAuth 2.0 to grant access to users and third-party developers. This code uses the openshift/osin Golang oAuth 2.0 library.
Setup
-
Clone the project.
-
Install the dependencies
go get ./... -
Please create a default client which you can use to a frontend.
go run main.go add_client --client_id=frontend \ --client_secret=pleasechangethisnow \ --redirect_uri=http://127.0.0.1:8002/appauth/code -
Setup the database.
-
Run the following environment variables in your terminal:
export OSIN_DB_HOST=localhost export OSIN_DB_PORT=5432 export OSIN_DB_USER=golang export OSIN_DB_PASSWORD=123password export OSIN_DB_NAME=osinexample_db export OSIN_APP_ADDRESS=http://127.0.0.1:8000 export OSIN_APP_SECRET_KEY=pass-secret-1234566-please-change-me export OSIN_APP_FRONTEND_CLIENT_ID=frontend export OSIN_APP_FRONTEND_CLIENT_SECRET=pleasechangethisnow export OSIN_APP_FRONTEND_RETURN_URL=http://127.0.0.1:8001/appauth/code -
Run the server.
go run main.go serve -
You are ready to use your server.
Documentation
Unprotected Resources
User Registration
Register an identity with our system.
go run main.go register -b=Bart -c=Mika -d=demo@demo.com -e=123password -f=en
User Login
Simple login, run and then copy+paste the result export to the terminal
go run main.go login --email=demo@demo.com --password=123password
User Token Refresh
Get new refresh API
go run main.go refresh_token --refresh_token=xxx --grant_type=refresh_token
oAuth 2.0
Password Grant
Here is how you do password based grant
go run main.go osin_password --email=demo@demo.com \
--password=123password \
--client_id=frontend \
--client_secret=pleasechangethisnow \
--redirect_uri=http://127.0.0.1:8001/appauth/code \
--authorize_uri=http://localhost:8000/authorize \
--token_url=http://localhost:8000/token
Client Credentials Grant
Get our token from the client credentials.
go run main.go osin_client_credential --client_id=frontend \
--client_secret=pleasechangethisnow \
--redirect_uri=http://127.0.0.1:8001/appauth/code \
--authorize_uri=http://localhost:8000/authorize \
--token_url=http://localhost:8000/authorize
Refresh Token
Let's refresh our access token with our refresh token.
go run main.go osin_refresh_token --client_id=frontend \
--client_secret=pleasechangethisnow \
--redirect_uri=http://127.0.0.1:8001/appauth/code \
--authorize_uri=http://localhost:8000/authorize \
--token_url=http://localhost:8000/authorize
Protect Resources
Get Tenant
Check we are able to access our protected resource
go run main.go tenant_retrieve --id=1
License
Made with ❤️ by Bartlomiej Mika.
The project is licensed under the Unlicense.
Third party libraries and resources:
- github.com/openshift/osin (BSD-3-Clause License) is used for oAuth 2.0 server implementation.
- github.com/ShaleApps/osinredis (MIT) is used for the oAuth 2.0 server session storage handling.
- go-oauth2/oauth2 (MIT) was not used but was a valuable learning resource.
- golang.org/x/oauth2 (BSD-3-Clause License) is used for client side oAuth 2.0 library.
- github.com/google/uuid (BSD-3-Clause License) is used for generating UUID values.
- github.com/rs/cors (MIT) is used for dealing with CORS headers for every request made to this API server.
- github.com/spf13/cobra (Apache-2.0 License) is used to structure this application using a CLI.
- github.com/go-redis/redis (BSD-2-Clause License) is used for
redishandling. - golang.org/x/crypto/bcrypt (BSD-3-Clause License) is used for password hashing.
- github.com/lib/pq (OTHER) is used for
postgreshandling. - gopkg.in/guregu/null.v4 (BSD-2-Clause License) is used for null fields in marshal/unmarshal operations.
- rfc6749 - The OAuth 2.0 Authorization Framework used as specs.
Documentation
¶
There is no documentation for this package.
Source Files
Directories