Documentation ¶
Index ¶
- Constants
- Variables
- func BytesToPrivateKey(priv []byte) *rsa.PrivateKey
- func BytesToPublicKey(pub []byte) *rsa.PublicKey
- func DecryptWithPrivateKey(cipherText string, priv *rsa.PrivateKey) (string, error)
- func EncryptWithPublicKey(msg []byte, pub *rsa.PublicKey) (string, error)
- func GenerateKeyPair(bits int) (*rsa.PrivateKey, *rsa.PublicKey)
- func RandomKey(length int) string
- func SavePEMKey(fileName string, key *rsa.PrivateKey)
- func SavePublicPEMKey(fileName string, pubkey *rsa.PublicKey)
- type AccessTokenPayload
- type AccessTokens
- type Clients
- type Config
- type Model
- type RefreshTokenPayload
- type RefreshTokens
- type Store
- func (s *Store) ClearByAccessToken(userId int64) error
- func (s *Store) Close()
- func (s *Store) Create(info TokenInfo) (TokenResponse, error)
- func (s *Store) CreateClient(userId int64) (Clients, error)
- func (s *Store) GetByAccess(access string) (*AccessTokens, error)
- func (s *Store) GetByRefresh(refresh string) (*AccessTokens, error)
- func (s *Store) RevokeByAccessTokens(userId int64) error
- func (s *Store) RevokeRefreshToken(accessTokenId string) error
- type Token
- func (t *Token) GetAccessCreateAt() time.Time
- func (t *Token) GetAccessExpiresIn() time.Duration
- func (t *Token) GetClientID() uuid.UUID
- func (t *Token) GetClientSecret() string
- func (t *Token) GetRedirectURI() string
- func (t *Token) GetRefreshCreateAt() time.Time
- func (t *Token) GetRefreshExpiresIn() time.Duration
- func (t *Token) GetScope() string
- func (t *Token) GetUserID() int64
- func (t *Token) New() TokenInfo
- func (t *Token) SetAccessCreateAt(createAt time.Time)
- func (t *Token) SetAccessExpiresIn(exp time.Duration)
- func (t *Token) SetClientID(clientID uuid.UUID)
- func (t *Token) SetClientSecret() string
- func (t *Token) SetRedirectURI(redirectURI string)
- func (t *Token) SetRefreshCreateAt(createAt time.Time)
- func (t *Token) SetRefreshExpiresIn(exp time.Duration)
- func (t *Token) SetScope(scope string)
- func (t *Token) SetUserID(userID int64)
- type TokenInfo
- type TokenResponse
Constants ¶
// Package-wide constants: key file names, table names, the RSA key size,
// error message texts, and the labels used for OAEP and PEM encoding.
const (
	// File names for the PEM-encoded RSA key pair. Presumably the targets of
	// SavePublicPEMKey and SavePEMKey — confirm against callers.
	// NOTE(review): the private key file should be readable by the service
	// account only; the mode SavePEMKey applies is not visible here.
	PublicPem  = "public.pem"
	PrivatePem = "private.pem"

	// Database table names for access tokens, refresh tokens and clients.
	AccessTokenTable  = "oauth_access_tokens"
	RefreshTokenTable = "oauth_refresh_tokens"
	ClientTable       = "oauth_clients"

	// BitSize is presumably the RSA modulus size handed to GenerateKeyPair.
	// 2048 bits is the commonly accepted minimum for RSA today; do not lower it.
	BitSize = 2048

	// Error message texts for rejected tokens, clients and user ids.
	RefreshTokenRevoked = "refresh token already been revoked"
	AccessTokenRevoked  = "access token has already been revoked"
	AccessTokenExpired  = "access token has already been expired"
	InvalidRefreshToken = "invalid refresh token"
	InvalidAccessToken  = "invalid access token"
	InvalidClient       = "invalid client"
	EmptyUserID         = "user id cannot be empty"

	// Label is presumably the RSA-OAEP label. An OAEP label must be identical
	// on the encrypt and decrypt side, so changing this value makes
	// previously issued ciphertexts undecryptable.
	Label = "OAEP Encrypted"

	// PEM block type strings. By convention "PUBLIC KEY" holds a PKIX
	// SubjectPublicKeyInfo and "PRIVATE KEY" a PKCS#8 structure; whether the
	// save/parse helpers use those encodings is not visible here — confirm.
	PublicKey  = "PUBLIC KEY"
	PrivateKey = "PRIVATE KEY"
)
constants
Variables ¶
// RandomKeyCharacters is the 62-character alphabet (a-z, 0-9, A-Z) that
// random keys are drawn from, presumably by RandomKey.
// NOTE(review): if RandomKey output is used as a client secret or token, it
// must draw from crypto/rand rather than math/rand, and avoid modulo bias when
// indexing this slice; the implementation is not visible here — confirm.
var RandomKeyCharacters = []byte("abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ")
RandomKeyCharacters is the set of characters that random keys are built from.
Functions ¶
func BytesToPrivateKey ¶
func BytesToPrivateKey(priv []byte) *rsa.PrivateKey
BytesToPrivateKey converts given bytes to *rsa.PrivateKey
func BytesToPublicKey ¶
BytesToPublicKey converts given bytes to *rsa.PublicKey
func DecryptWithPrivateKey ¶
func DecryptWithPrivateKey(cipherText string, priv *rsa.PrivateKey) (string, error)
DecryptWithPrivateKey decrypts the given ciphertext string with the private key and returns the plaintext as a string.
func EncryptWithPublicKey ¶
EncryptWithPublicKey encrypts the given []byte with the public key and returns the ciphertext as a string.
func GenerateKeyPair ¶
func GenerateKeyPair(bits int) (*rsa.PrivateKey, *rsa.PublicKey)
GenerateKeyPair generates a new key pair
func SavePEMKey ¶
func SavePEMKey(fileName string, key *rsa.PrivateKey)
SavePEMKey saves generated *rsa.PrivateKey to file
func SavePublicPEMKey ¶
SavePublicPEMKey saves generated *rsa.PublicKey to file
Types ¶
type AccessTokenPayload ¶
// AccessTokenPayload is the data carried by an access token: the user, the
// client and the expiry. The page describes it as the data that is
// RSA-encrypted.
// NOTE(review): public-key encryption provides confidentiality only. Anyone
// who holds the public key can produce a ciphertext that decrypts cleanly, so
// token validity should rest on the stored token record (revocation and
// expiry), not on successful decryption — confirm in GetByAccess.
type AccessTokenPayload struct {
	UserId   int64     `db:"user_id"`
	ClientId uuid.UUID `db:"client_id"`
	// presumably a Unix timestamp — TODO confirm the unit against Create.
	ExpiredAt int64 `db:"expired_at"`
}
AccessTokenPayload is data that will be encrypted by RSA encryption
type AccessTokens ¶
// AccessTokens is the stored record for an OAuth access token. It embeds Model
// (id and timestamps) and AccessTokenPayload (user, client, expiry) and adds a
// name and a revocation flag.
type AccessTokens struct {
	Model
	AccessTokenPayload
	Name string `db:"name"`
	// Revoked marks a token that must no longer be accepted; lookups are
	// expected to check it together with the expiry.
	Revoked bool `db:"revoked"`
}
AccessTokens is model for Oauth Access Token
type Clients ¶
// Clients is the stored record for an OAuth client. It embeds Model (id and
// timestamps) and adds the owning user, a name, the client secret, a
// revocation flag and the redirect target.
type Clients struct {
	Model
	UserId int64  `db:"user_id"`
	Name   string `db:"name"`
	// NOTE(review): whether Secret is persisted hashed or in clear is not
	// visible here. A client secret is a credential; storing only a hash limits
	// the impact of a database disclosure — confirm against CreateClient.
	Secret  string `db:"secret"`
	Revoked bool   `db:"revoked"`
	// NOTE(review): a redirect URI should be compared exactly against the
	// registered value during authorization — confirm where it is checked.
	Redirect string `db:"redirect"`
}
Clients is model for oauth clients
type Model ¶
// Model is the set of columns shared by every stored record: a UUID primary
// key plus creation and update timestamps.
type Model struct {
	ID        uuid.UUID `db:"id,primarykey"`
	CreatedAt time.Time `db:"created_at"`
	UpdatedAt time.Time `db:"updated_at"`
}
Model is default model
type RefreshTokenPayload ¶
RefreshTokenPayload is model for oauth refresh token
type RefreshTokens ¶
// RefreshTokens is the stored record for an OAuth refresh token. It embeds
// Model and RefreshTokenPayload (whose fields are not shown on this page) and
// adds a revocation flag.
type RefreshTokens struct {
	Model
	RefreshTokenPayload
	// Revoked marks a refresh token that must no longer be exchanged.
	Revoked bool `db:"revoked"`
}
RefreshTokens is model for oauth refresh token
type Store ¶
// Store is the token store. Its fields are unexported and not shown on this
// page, so its internal state cannot be documented from here.
type Store struct {
	// contains filtered or unexported fields
}
Store is the MySQL token store model.
func NewDefaultStore ¶
NewDefaultStore creates a MySQL store instance; config is the MySQL configuration.
func NewStore ¶
NewStore creates a MySQL store instance; its arguments are the MySQL configuration and the GC time interval (in seconds, default 600).
func NewStoreWithDB ¶
NewStoreWithDB creates a MySQL store instance; its arguments are db (a sql.DB) and the GC time interval (in seconds, default 600).
func (*Store) ClearByAccessToken ¶
ClearByAccessToken clears all tokens related to a user; userId is the id of the user whose access tokens need to be cleared.
func (*Store) Create ¶
func (s *Store) Create(info TokenInfo) (TokenResponse, error)
Create creates and stores the new token information.
func (*Store) CreateClient ¶
CreateClient creates a new client; userId is the id of the user who created the client.
func (*Store) GetByAccess ¶
func (s *Store) GetByAccess(access string) (*AccessTokens, error)
GetByAccess looks up token information by access token; access is the access token string.
func (*Store) GetByRefresh ¶
func (s *Store) GetByRefresh(refresh string) (*AccessTokens, error)
GetByRefresh looks up token information by refresh token; refresh is the refresh token string.
func (*Store) RevokeByAccessTokens ¶
RevokeByAccessTokens revokes access tokens; per its signature it takes the user's id (userId), not a token string.
func (*Store) RevokeRefreshToken ¶
RevokeRefreshToken revokes a refresh token; per its signature it takes accessTokenId.
type Token ¶
// Token holds the details of one token grant: the client and its secret, the
// user, the redirect URI and scope, and the creation time and lifetime of the
// access and refresh tokens. The bson tags give each field's serialized name.
type Token struct {
	ClientID uuid.UUID `bson:"ClientID"`
	// ClientSecret is a credential; keep it out of logs and out of debug dumps
	// of this struct.
	ClientSecret string `bson:"ClientSecret"`
	UserID       int64  `bson:"UserID"`
	RedirectURI  string `bson:"RedirectURI"`
	Scope        string `bson:"Scope"`
	// The lifetimes are time.Duration values, not bare counts of seconds.
	AccessCreateAt   time.Time     `bson:"AccessCreateAt"`
	AccessExpiresIn  time.Duration `bson:"AccessExpiresIn"`
	RefreshCreateAt  time.Time     `bson:"RefreshCreateAt"`
	RefreshExpiresIn time.Duration `bson:"RefreshExpiresIn"`
}
Token is a struct that holds token details.
func (*Token) GetAccessCreateAt ¶
GetAccessCreateAt returns the creation time of the access token.
func (*Token) GetAccessExpiresIn ¶
GetAccessExpiresIn returns the lifetime of the access token; the value is a time.Duration, not a bare number of seconds.
func (*Token) GetClientSecret ¶
GetClientSecret returns the client secret.
func (*Token) GetRefreshCreateAt ¶
GetRefreshCreateAt returns the creation time of the refresh token.
func (*Token) GetRefreshExpiresIn ¶
GetRefreshExpiresIn returns the lifetime of the refresh token; the value is a time.Duration, not a bare number of seconds.
func (*Token) SetAccessCreateAt ¶
SetAccessCreateAt sets the creation time of the access token.
func (*Token) SetAccessExpiresIn ¶
SetAccessExpiresIn sets the lifetime of the access token; pass a time.Duration (for example a multiple of time.Second), not a bare number of seconds.
func (*Token) SetClientID ¶
SetClientID sets the client id.
func (*Token) SetClientSecret ¶
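SetClientSecret sets the client secret. Per its signature it takes no argument and returns a string, so the secret is presumably generated inside the method and returned to the caller.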
func (*Token) SetRedirectURI ¶
SetRedirectURI sets the redirect URI.
func (*Token) SetRefreshCreateAt ¶
SetRefreshCreateAt sets the creation time of the refresh token.
func (*Token) SetRefreshExpiresIn ¶
SetRefreshExpiresIn sets the lifetime of the refresh token; pass a time.Duration (for example a multiple of time.Second), not a bare number of seconds.
type TokenInfo ¶
// TokenInfo is the interface a token information model implements: paired
// getters and setters for the client id, client secret, user id, redirect URI,
// scope, and the creation time and lifetime of the access and refresh tokens.
type TokenInfo interface {
	// New returns a TokenInfo value.
	New() TokenInfo

	GetClientID() uuid.UUID
	SetClientID(uuid.UUID)
	GetClientSecret() string
	// SetClientSecret takes no argument and returns a string, unlike the other
	// setters; presumably it generates the secret itself — confirm against the
	// implementation on Token.
	SetClientSecret() string
	GetUserID() int64
	SetUserID(int64)
	GetRedirectURI() string
	SetRedirectURI(string)
	GetScope() string
	SetScope(string)

	// Creation times and lifetimes; lifetimes are time.Duration values.
	GetAccessCreateAt() time.Time
	SetAccessCreateAt(time.Time)
	GetAccessExpiresIn() time.Duration
	SetAccessExpiresIn(time.Duration)
	GetRefreshCreateAt() time.Time
	SetRefreshCreateAt(time.Time)
	GetRefreshExpiresIn() time.Duration
	SetRefreshExpiresIn(time.Duration)
}
TokenInfo is the token information model interface.
type TokenResponse ¶
// TokenResponse is what Create returns: the access token, the refresh token
// and the expiry, serialized under the JSON names in the tags.
// Both token strings are credentials; keep them out of logs and send them
// over TLS only.
type TokenResponse struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`
	// presumably a Unix timestamp — TODO confirm the unit against Create.
	ExpiredAt int64 `json:"expired_at"`
}
TokenResponse is the model returned after creating the access token and refresh token.