Documentation ¶
Index ¶
- Variables
- func ClientBasicHandler(r *http.Request) (string, string, error)
- func ClientFormHandler(r *http.Request) (string, string, error)
- func DefaultValidateURI(baseURI string, redirectURI string) error
- func NewAccessGenerate() *accessGenerate
- func NewAuthorizeGenerate() *authorizeGenerate
- func NewDefaultManager() *manager
- func NewManager() *manager
- type AccessGenerate
- type AccessTokenExpHandler
- type AuthorizeGenerate
- type AuthorizeRequest
- type AuthorizeScopeHandler
- type Client
- type ClientAuthorizedHandler
- type ClientInfo
- type ClientInfoHandler
- type ClientPasswordVerifier
- type ClientScopeHandler
- type ClientStore
- type CodeChallengeMethod
- type Config
- type ConfigConfig
- type ExtensionFieldsHandler
- type GenerateBasic
- type GrantType
- type InternalErrorHandler
- type Manager
- type PasswordAuthorizationHandler
- type PreRedirectErrorHandler
- type RefreshingConfig
- type RefreshingScopeHandler
- type RefreshingValidationHandler
- type Response
- type ResponseErrorHandler
- type ResponseTokenHandler
- type ResponseType
- type Server
- func (s *Server) BearerAuth(r *http.Request) (string, bool)
- func (s *Server) CheckCodeChallengeMethod(ccm CodeChallengeMethod) bool
- func (s *Server) CheckGrantType(gt GrantType) bool
- func (s *Server) CheckResponseType(rt ResponseType) bool
- func (s *Server) GetAccessToken(ctx context.Context, gt GrantType, tgr *TokenGenerateRequest) (TokenInfo, error)
- func (s *Server) GetAuthorizeData(rt ResponseType, ti TokenInfo) map[string]interface{}
- func (s *Server) GetAuthorizeToken(ctx context.Context, req *AuthorizeRequest) (TokenInfo, error)
- func (s *Server) GetErrorData(err error) (map[string]interface{}, int, http.Header)
- func (s *Server) GetRedirectURI(req *AuthorizeRequest, data map[string]interface{}) (string, error)
- func (s *Server) GetTokenData(ti TokenInfo) map[string]interface{}
- func (s *Server) HandleAuthorizeRequest(w http.ResponseWriter, r *http.Request) (string, error)
- func (s *Server) HandleTokenRequest(w http.ResponseWriter, r *http.Request) error
- func (s *Server) SetAccessTokenExpHandler(handler AccessTokenExpHandler)
- func (s *Server) SetAllowGetAccessRequest(allow bool)
- func (s *Server) SetAllowedGrantType(types ...GrantType)
- func (s *Server) SetAllowedResponseType(types ...ResponseType)
- func (s *Server) SetAuthorizeScopeHandler(handler AuthorizeScopeHandler)
- func (s *Server) SetClientAuthorizedHandler(handler ClientAuthorizedHandler)
- func (s *Server) SetClientInfoHandler(handler ClientInfoHandler)
- func (s *Server) SetClientScopeHandler(handler ClientScopeHandler)
- func (s *Server) SetExtensionFieldsHandler(handler ExtensionFieldsHandler)
- func (s *Server) SetInternalErrorHandler(handler InternalErrorHandler)
- func (s *Server) SetPasswordAuthorizationHandler(handler PasswordAuthorizationHandler)
- func (s *Server) SetPreRedirectErrorHandler(handler PreRedirectErrorHandler)
- func (s *Server) SetRefreshingScopeHandler(handler RefreshingScopeHandler)
- func (s *Server) SetRefreshingValidationHandler(handler RefreshingValidationHandler)
- func (s *Server) SetResponseErrorHandler(handler ResponseErrorHandler)
- func (s *Server) SetResponseTokenHandler(handler ResponseTokenHandler)
- func (s *Server) SetTokenType(tokenType string)
- func (s *Server) SetUserAuthorizationHandler(handler UserAuthorizationHandler)
- func (s *Server) ValidationAuthorizeRequest(r *http.Request) (*AuthorizeRequest, error)
- func (s *Server) ValidationBearerToken(r *http.Request) (TokenInfo, error)
- func (s *Server) ValidationTokenRequest(r *http.Request) (GrantType, *TokenGenerateRequest, error)
- type Token
- func (t *Token) GetAccess() string
- func (t *Token) GetAccessCreateAt() time.Time
- func (t *Token) GetAccessExpiresIn() time.Duration
- func (t *Token) GetClientID() string
- func (t *Token) GetCode() string
- func (t *Token) GetCodeChallenge() string
- func (t *Token) GetCodeChallengeMethod() CodeChallengeMethod
- func (t *Token) GetCodeCreateAt() time.Time
- func (t *Token) GetCodeExpiresIn() time.Duration
- func (t *Token) GetRedirectURI() string
- func (t *Token) GetRefresh() string
- func (t *Token) GetRefreshCreateAt() time.Time
- func (t *Token) GetRefreshExpiresIn() time.Duration
- func (t *Token) GetScope() string
- func (t *Token) GetUserID() string
- func (t *Token) New() TokenInfo
- func (t *Token) SetAccess(access string)
- func (t *Token) SetAccessCreateAt(createAt time.Time)
- func (t *Token) SetAccessExpiresIn(exp time.Duration)
- func (t *Token) SetClientID(clientID string)
- func (t *Token) SetCode(code string)
- func (t *Token) SetCodeChallenge(code string)
- func (t *Token) SetCodeChallengeMethod(method CodeChallengeMethod)
- func (t *Token) SetCodeCreateAt(createAt time.Time)
- func (t *Token) SetCodeExpiresIn(exp time.Duration)
- func (t *Token) SetRedirectURI(redirectURI string)
- func (t *Token) SetRefresh(refresh string)
- func (t *Token) SetRefreshCreateAt(createAt time.Time)
- func (t *Token) SetRefreshExpiresIn(exp time.Duration)
- func (t *Token) SetScope(scope string)
- func (t *Token) SetUserID(userID string)
- type TokenGenerateRequest
- type TokenInfo
- type TokenStore
- type UserAuthorizationHandler
- type ValidateURIHandler
Constants ¶
This section is empty.
Variables ¶
var ( DefaultCodeExp = time.Minute * 10 DefaultAuthorizeCodeTokenCfg = &Config{AccessTokenExp: time.Hour * 24 * 365, RefreshTokenExp: time.Hour * 24 * 365, IsGenerateRefresh: true} DefaultImplicitTokenCfg = &Config{AccessTokenExp: time.Hour * 24 * 365} DefaultPasswordTokenCfg = &Config{AccessTokenExp: time.Hour * 24 * 365, RefreshTokenExp: time.Hour * 24 * 365, IsGenerateRefresh: true} DefaultClientTokenCfg = &Config{AccessTokenExp: time.Hour * 24 * 365} DefaultRefreshTokenCfg = &RefreshingConfig{IsGenerateRefresh: true, IsRemoveAccess: true, IsRemoveRefreshing: true} )
default configs
var ( ErrInvalidRedirectURI = errors.New("invalid redirect uri") ErrInvalidAuthorizeCode = errors.New("invalid authorize code") ErrInvalidAccessToken = errors.New("invalid access token") ErrInvalidRefreshToken = errors.New("invalid refresh token") ErrExpiredAccessToken = errors.New("expired access token") ErrExpiredRefreshToken = errors.New("expired refresh token") ErrMissingCodeVerifier = errors.New("missing code verifier") ErrMissingCodeChallenge = errors.New("missing code challenge") ErrInvalidCodeChallenge = errors.New("invalid code challenge") )
known errors
var ( ErrInvalidRequest = errors.New("invalid_request") ErrAccessDenied = errors.New("access_denied") ErrUnsupportedResponseType = errors.New("unsupported_response_type") ErrInvalidScope = errors.New("invalid_scope") ErrServerError = errors.New("server_error") ErrInvalidClient = errors.New("invalid_client") ErrInvalidGrant = errors.New("invalid_grant") ErrUnsupportedGrantType = errors.New("unsupported_grant_type") ErrCodeChallengeRquired = errors.New("invalid_request") ErrUnsupportedCodeChallengeMethod = errors.New("invalid_request") ErrInvalidCodeChallengeLen = errors.New("invalid_request") )
https://tools.ietf.org/html/rfc6749#section-5.2
var Descriptions = map[error]string{ ErrInvalidRequest: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed", ErrUnauthorizedClient: "The client is not authorized to request an authorization code using this method", ErrAccessDenied: "The resource owner or authorization server denied the request", ErrUnsupportedResponseType: "The authorization server does not support obtaining an authorization code using this method", ErrInvalidScope: "The requested scope is invalid, unknown, or malformed", ErrServerError: "The authorization server encountered an unexpected condition that prevented it from fulfilling the request", ErrTemporarilyUnavailable: "The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server", ErrInvalidClient: "Client authentication failed", ErrInvalidGrant: "The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client", ErrUnsupportedGrantType: "The authorization grant type is not supported by the authorization server", ErrCodeChallengeRquired: "PKCE is required. code_challenge is missing", ErrUnsupportedCodeChallengeMethod: "Selected code_challenge_method not supported", ErrInvalidCodeChallengeLen: "Code challenge length must be between 43 and 128 charachters long", }
Descriptions error description
var New = errors.New
New returns an error that formats as the given text.
var StatusCodes = map[error]int{ ErrInvalidRequest: 400, ErrUnauthorizedClient: 401, ErrAccessDenied: 403, ErrUnsupportedResponseType: 401, ErrInvalidScope: 400, ErrServerError: 500, ErrTemporarilyUnavailable: 503, ErrInvalidClient: 401, ErrInvalidGrant: 401, ErrUnsupportedGrantType: 401, ErrCodeChallengeRquired: 400, ErrUnsupportedCodeChallengeMethod: 400, ErrInvalidCodeChallengeLen: 400, }
StatusCodes response error HTTP status code
Functions ¶
func ClientBasicHandler ¶
ClientBasicHandler get client data from basic authorization
func ClientFormHandler ¶
ClientFormHandler get client data from form
func DefaultValidateURI ¶
DefaultValidateURI validates that redirectURI is contained in baseURI
func NewAccessGenerate ¶
func NewAccessGenerate() *accessGenerate
NewAccessGenerate create to generate the access token instance
func NewAuthorizeGenerate ¶
func NewAuthorizeGenerate() *authorizeGenerate
NewAuthorizeGenerate create to generate the authorize code instance
func NewDefaultManager ¶
func NewDefaultManager() *manager
NewDefaultManager create to default authorization management instance
Types ¶
type AccessGenerate ¶
type AccessGenerate interface {
Token(ctx context.Context, clientId, userId string, createdAt time.Time, isGenRefresh bool) (access, refresh string, err error)
}
AccessGenerate generate the access and refresh tokens interface
type AccessTokenExpHandler ¶
type AccessTokenExpHandler func(w http.ResponseWriter, r *http.Request) (exp time.Duration, err error)
AccessTokenExpHandler set expiration date for the access token
type AuthorizeGenerate ¶
type AuthorizeGenerate interface {
Token(ctx context.Context, data *GenerateBasic) (code string, err error)
}
AuthorizeGenerate generate the authorization code interface
type AuthorizeRequest ¶
type AuthorizeRequest struct { ResponseType ResponseType ClientID string Scope string RedirectURI string State string UserID string CodeChallenge string CodeChallengeMethod CodeChallengeMethod AccessTokenExp time.Duration Request *http.Request }
AuthorizeRequest authorization request
type AuthorizeScopeHandler ¶
AuthorizeScopeHandler set the authorized scope
type ClientAuthorizedHandler ¶
ClientAuthorizedHandler check the client allows to use this authorization grant type
type ClientInfo ¶
type ClientInfo interface { GetID() string GetSecret() string GetDomain() string GetUserID() string }
ClientInfo the client information model interface
type ClientInfoHandler ¶
ClientInfoHandler get client info from request
type ClientPasswordVerifier ¶
ClientPasswordVerifier the password handler interface
type ClientScopeHandler ¶
type ClientScopeHandler func(tgr *TokenGenerateRequest) (allowed bool, err error)
ClientScopeHandler check the client allows to use scope
type ClientStore ¶
type CodeChallengeMethod ¶
type CodeChallengeMethod string
CodeChallengeMethod PCKE method
const ( // CodeChallengePlain PCKE Method CodeChallengePlain CodeChallengeMethod = "plain" // CodeChallengeS256 PCKE Method CodeChallengeS256 CodeChallengeMethod = "S256" )
func (CodeChallengeMethod) String ¶
func (ccm CodeChallengeMethod) String() string
func (CodeChallengeMethod) Validate ¶
func (ccm CodeChallengeMethod) Validate(cc, ver string) bool
Validate code challenge
type Config ¶
type Config struct { // access token expiration time, 0 means it doesn't expire AccessTokenExp time.Duration // refresh token expiration time, 0 means it doesn't expire RefreshTokenExp time.Duration // whether to generate the refreshing token IsGenerateRefresh bool }
Config authorization configuration parameters
type ConfigConfig ¶
type ConfigConfig struct { TokenType string // token type AllowGetAccessRequest bool // to allow GET requests for the token AllowedResponseTypes []ResponseType // allow the authorization type AllowedGrantTypes []GrantType // allow the grant type AllowedCodeChallengeMethods []CodeChallengeMethod ForcePKCE bool }
Config configuration parameters
func NewConfigConfig ¶
func NewConfigConfig() *ConfigConfig
NewConfig create to configuration instance
type ExtensionFieldsHandler ¶
ExtensionFieldsHandler in response to the access token with the extension of the field
type GenerateBasic ¶
type GenerateBasic struct { Client ClientInfo UserID string CreateAt time.Time TokenInfo TokenInfo Request *http.Request }
GenerateBasic provide the basis of the generated token data
type GrantType ¶
type GrantType string
GrantType authorization model
type InternalErrorHandler ¶
InternalErrorHandler internal error handing
type Manager ¶
type Manager interface { // get the client information GetClient(ctx context.Context, clientID string) (cli ClientInfo, err error) // generate the authorization token(code) GenerateAuthToken(ctx context.Context, rt ResponseType, tgr *TokenGenerateRequest) (authToken TokenInfo, err error) // generate the access token GenerateAccessToken(ctx context.Context, gt GrantType, tgr *TokenGenerateRequest) (accessToken TokenInfo, err error) // refreshing an access token RefreshAccessToken(ctx context.Context, tgr *TokenGenerateRequest) (accessToken TokenInfo, err error) // use the access token to delete the token information RemoveAccessToken(ctx context.Context, access string) (err error) // use the refresh token to delete the token information RemoveRefreshToken(ctx context.Context, refresh string) (err error) // according to the access token for corresponding token information LoadAccessToken(ctx context.Context, access string) (ti TokenInfo, err error) // according to the refresh token for corresponding token information LoadRefreshToken(ctx context.Context, refresh string) (ti TokenInfo, err error) }
Manager authorization management interface
type PasswordAuthorizationHandler ¶
type PasswordAuthorizationHandler func(ctx context.Context, clientID, username, password string) (userID string, err error)
PasswordAuthorizationHandler get user id from username and password
type PreRedirectErrorHandler ¶
type PreRedirectErrorHandler func(w http.ResponseWriter, req *AuthorizeRequest, err error) error
PreRedirectErrorHandler is used to override "redirect-on-error" behavior
type RefreshingConfig ¶
type RefreshingConfig struct { // access token expiration time, 0 means it doesn't expire AccessTokenExp time.Duration // refresh token expiration time, 0 means it doesn't expire RefreshTokenExp time.Duration // whether to generate the refreshing token IsGenerateRefresh bool // whether to reset the refreshing create time IsResetRefreshTime bool // whether to remove access token IsRemoveAccess bool // whether to remove refreshing token IsRemoveRefreshing bool }
RefreshingConfig refreshing token config
type RefreshingScopeHandler ¶
type RefreshingScopeHandler func(tgr *TokenGenerateRequest, oldScope string) (allowed bool, err error)
RefreshingScopeHandler check the scope of the refreshing token
type RefreshingValidationHandler ¶
RefreshingValidationHandler check if refresh_token is still valid. eg no revocation or other
type Response ¶
type Response struct { Error error ErrorCode int Description string URI string StatusCode int Header http.Header }
Response error response
func NewResponse ¶
NewResponse create the response pointer
type ResponseErrorHandler ¶
type ResponseErrorHandler func(re *Response)
ResponseErrorHandler response error handing
type ResponseTokenHandler ¶
type ResponseTokenHandler func(w http.ResponseWriter, data map[string]interface{}, header http.Header, statusCode ...int) error
ResponseTokenHandler response token handing
type ResponseType ¶
type ResponseType string
ResponseType the type of authorization request
const ( CodeType ResponseType = "code" TokenType ResponseType = "token" )
define the type of authorization request
func (ResponseType) String ¶
func (rt ResponseType) String() string
type Server ¶
type Server struct { Config *ConfigConfig Manager Manager ClientInfoHandler ClientInfoHandler ClientAuthorizedHandler ClientAuthorizedHandler ClientScopeHandler ClientScopeHandler UserAuthorizationHandler UserAuthorizationHandler PasswordAuthorizationHandler PasswordAuthorizationHandler RefreshingValidationHandler RefreshingValidationHandler PreRedirectErrorHandler PreRedirectErrorHandler RefreshingScopeHandler RefreshingScopeHandler ResponseErrorHandler ResponseErrorHandler InternalErrorHandler InternalErrorHandler ExtensionFieldsHandler ExtensionFieldsHandler AccessTokenExpHandler AccessTokenExpHandler AuthorizeScopeHandler AuthorizeScopeHandler ResponseTokenHandler ResponseTokenHandler }
Server Provide authorization server
func NewDefaultServer ¶
NewDefaultServer create a default authorization server
func NewServer ¶
func NewServer(cfg *ConfigConfig, manager Manager) *Server
NewServer create authorization server
func (*Server) BearerAuth ¶
BearerAuth parse bearer token
func (*Server) CheckCodeChallengeMethod ¶
func (s *Server) CheckCodeChallengeMethod(ccm CodeChallengeMethod) bool
CheckCodeChallengeMethod checks for allowed code challenge method
func (*Server) CheckGrantType ¶
CheckGrantType check allows grant type
func (*Server) CheckResponseType ¶
func (s *Server) CheckResponseType(rt ResponseType) bool
CheckResponseType check allows response type
func (*Server) GetAccessToken ¶
func (s *Server) GetAccessToken(ctx context.Context, gt GrantType, tgr *TokenGenerateRequest) (TokenInfo, error)
GetAccessToken access token
func (*Server) GetAuthorizeData ¶
func (s *Server) GetAuthorizeData(rt ResponseType, ti TokenInfo) map[string]interface{}
GetAuthorizeData get authorization response data
func (*Server) GetAuthorizeToken ¶
GetAuthorizeToken get authorization token(code)
func (*Server) GetErrorData ¶
GetErrorData get error response data
func (*Server) GetRedirectURI ¶
func (s *Server) GetRedirectURI(req *AuthorizeRequest, data map[string]interface{}) (string, error)
GetRedirectURI get redirect uri
func (*Server) GetTokenData ¶
GetTokenData token data
func (*Server) HandleAuthorizeRequest ¶
HandleAuthorizeRequest the authorization request handling
func (*Server) HandleTokenRequest ¶
HandleTokenRequest token request handling
func (*Server) SetAccessTokenExpHandler ¶
func (s *Server) SetAccessTokenExpHandler(handler AccessTokenExpHandler)
SetAccessTokenExpHandler set expiration date for the access token
func (*Server) SetAllowGetAccessRequest ¶
SetAllowGetAccessRequest to allow GET requests for the token
func (*Server) SetAllowedGrantType ¶
SetAllowedGrantType allow the grant types
func (*Server) SetAllowedResponseType ¶
func (s *Server) SetAllowedResponseType(types ...ResponseType)
SetAllowedResponseType allow the authorization types
func (*Server) SetAuthorizeScopeHandler ¶
func (s *Server) SetAuthorizeScopeHandler(handler AuthorizeScopeHandler)
SetAuthorizeScopeHandler set scope for the access token
func (*Server) SetClientAuthorizedHandler ¶
func (s *Server) SetClientAuthorizedHandler(handler ClientAuthorizedHandler)
SetClientAuthorizedHandler check the client allows to use this authorization grant type
func (*Server) SetClientInfoHandler ¶
func (s *Server) SetClientInfoHandler(handler ClientInfoHandler)
SetClientInfoHandler get client info from request
func (*Server) SetClientScopeHandler ¶
func (s *Server) SetClientScopeHandler(handler ClientScopeHandler)
SetClientScopeHandler check the client allows to use scope
func (*Server) SetExtensionFieldsHandler ¶
func (s *Server) SetExtensionFieldsHandler(handler ExtensionFieldsHandler)
SetExtensionFieldsHandler in response to the access token with the extension of the field
func (*Server) SetInternalErrorHandler ¶
func (s *Server) SetInternalErrorHandler(handler InternalErrorHandler)
SetInternalErrorHandler internal error handling
func (*Server) SetPasswordAuthorizationHandler ¶
func (s *Server) SetPasswordAuthorizationHandler(handler PasswordAuthorizationHandler)
SetPasswordAuthorizationHandler get user id from username and password
func (*Server) SetPreRedirectErrorHandler ¶
func (s *Server) SetPreRedirectErrorHandler(handler PreRedirectErrorHandler)
SetPreRedirectErrorHandler sets the PreRedirectErrorHandler in current Server instance
func (*Server) SetRefreshingScopeHandler ¶
func (s *Server) SetRefreshingScopeHandler(handler RefreshingScopeHandler)
SetRefreshingScopeHandler check the scope of the refreshing token
func (*Server) SetRefreshingValidationHandler ¶
func (s *Server) SetRefreshingValidationHandler(handler RefreshingValidationHandler)
SetRefreshingValidationHandler check if refresh_token is still valid. eg no revocation or other
func (*Server) SetResponseErrorHandler ¶
func (s *Server) SetResponseErrorHandler(handler ResponseErrorHandler)
SetResponseErrorHandler response error handling
func (*Server) SetResponseTokenHandler ¶
func (s *Server) SetResponseTokenHandler(handler ResponseTokenHandler)
SetResponseTokenHandler response token handing
func (*Server) SetTokenType ¶
SetTokenType token type
func (*Server) SetUserAuthorizationHandler ¶
func (s *Server) SetUserAuthorizationHandler(handler UserAuthorizationHandler)
SetUserAuthorizationHandler get user id from request authorization
func (*Server) ValidationAuthorizeRequest ¶
func (s *Server) ValidationAuthorizeRequest(r *http.Request) (*AuthorizeRequest, error)
ValidationAuthorizeRequest the authorization request validation
func (*Server) ValidationBearerToken ¶
ValidationBearerToken validation the bearer tokens https://tools.ietf.org/html/rfc6750
func (*Server) ValidationTokenRequest ¶
ValidationTokenRequest the token request validation
type Token ¶
type Token struct { ClientID string `bson:"ClientID"` UserID string `bson:"UserID"` RedirectURI string `bson:"RedirectURI"` Scope string `bson:"Scope"` Code string `bson:"Code"` CodeChallenge string `bson:"CodeChallenge"` CodeChallengeMethod string `bson:"CodeChallengeMethod"` CodeCreateAt time.Time `bson:"CodeCreateAt"` CodeExpiresIn time.Duration `bson:"CodeExpiresIn"` Access string `bson:"Access"` AccessCreateAt time.Time `bson:"AccessCreateAt"` AccessExpiresIn time.Duration `bson:"AccessExpiresIn"` Refresh string `bson:"Refresh"` RefreshCreateAt time.Time `bson:"RefreshCreateAt"` RefreshExpiresIn time.Duration `bson:"RefreshExpiresIn"` }
Token token model
func (*Token) GetAccessCreateAt ¶
GetAccessCreateAt create Time
func (*Token) GetAccessExpiresIn ¶
GetAccessExpiresIn the lifetime in seconds of the access token
func (*Token) GetCodeChallenge ¶
GetCodeChallenge challenge code
func (*Token) GetCodeChallengeMethod ¶
func (t *Token) GetCodeChallengeMethod() CodeChallengeMethod
GetCodeChallengeMethod challenge method
func (*Token) GetCodeCreateAt ¶
GetCodeCreateAt create Time
func (*Token) GetCodeExpiresIn ¶
GetCodeExpiresIn the lifetime in seconds of the authorization code
func (*Token) GetRefreshCreateAt ¶
GetRefreshCreateAt create Time
func (*Token) GetRefreshExpiresIn ¶
GetRefreshExpiresIn the lifetime in seconds of the refresh token
func (*Token) SetAccessCreateAt ¶
SetAccessCreateAt create Time
func (*Token) SetAccessExpiresIn ¶
SetAccessExpiresIn the lifetime in seconds of the access token
func (*Token) SetCodeChallenge ¶
SetCodeChallenge challenge code
func (*Token) SetCodeChallengeMethod ¶
func (t *Token) SetCodeChallengeMethod(method CodeChallengeMethod)
SetCodeChallengeMethod challenge method
func (*Token) SetCodeCreateAt ¶
SetCodeCreateAt create Time
func (*Token) SetCodeExpiresIn ¶
SetCodeExpiresIn the lifetime in seconds of the authorization code
func (*Token) SetRedirectURI ¶
SetRedirectURI redirect URI
func (*Token) SetRefreshCreateAt ¶
SetRefreshCreateAt create Time
func (*Token) SetRefreshExpiresIn ¶
SetRefreshExpiresIn the lifetime in seconds of the refresh token
type TokenGenerateRequest ¶
type TokenGenerateRequest struct { ClientID string ClientSecret string UserID string RedirectURI string Scope string Code string CodeChallenge string CodeChallengeMethod CodeChallengeMethod Refresh string CodeVerifier string AccessTokenExp time.Duration Request *http.Request }
TokenGenerateRequest provide to generate the token request parameters
type TokenInfo ¶
type TokenInfo interface { New() TokenInfo GetClientID() string SetClientID(string) GetUserID() string SetUserID(string) GetRedirectURI() string SetRedirectURI(string) GetScope() string SetScope(string) GetCode() string SetCode(string) GetCodeCreateAt() time.Time SetCodeCreateAt(time.Time) GetCodeExpiresIn() time.Duration SetCodeExpiresIn(time.Duration) GetCodeChallenge() string SetCodeChallenge(string) GetCodeChallengeMethod() CodeChallengeMethod SetCodeChallengeMethod(CodeChallengeMethod) GetAccess() string SetAccess(string) GetAccessCreateAt() time.Time SetAccessCreateAt(time.Time) GetAccessExpiresIn() time.Duration SetAccessExpiresIn(time.Duration) GetRefresh() string SetRefresh(string) GetRefreshCreateAt() time.Time SetRefreshCreateAt(time.Time) GetRefreshExpiresIn() time.Duration SetRefreshExpiresIn(time.Duration) }
TokenInfo the token information model interface
type TokenStore ¶
type TokenStore interface { // create and store the new token information Create(ctx context.Context, info TokenInfo) error // delete the authorization code RemoveByCode(ctx context.Context, code string) error // use the access token to delete the token information RemoveByAccess(ctx context.Context, access string) error // use the refresh token to delete the token information RemoveByRefresh(ctx context.Context, refresh string) error // use the authorization code for token information data GetByCode(ctx context.Context, code string) (TokenInfo, error) // use the access token for token information data GetByAccess(ctx context.Context, access string) (TokenInfo, error) // use the refresh token for token information data GetByRefresh(ctx context.Context, refresh string) (TokenInfo, error) }
type UserAuthorizationHandler ¶
type UserAuthorizationHandler func(w http.ResponseWriter, r *http.Request) (userID string, err error)
UserAuthorizationHandler get user id from request authorization
type ValidateURIHandler ¶
ValidateURIHandler validates that redirectURI is contained in baseURI