开源软件名称:oauth2
开源软件地址:https://gitee.com/lyric/oauth2
开源软件介绍:
Golang OAuth 2.0 ServerAn open protocol to allow secure authorization in a simple and standard method from web, mobile and desktop applications.
Protocol Flow +--------+ +---------------+ | |--(A)- Authorization Request ->| Resource | | | | Owner | | |<-(B)-- Authorization Grant ---| | | | +---------------+ | | | | +---------------+ | |--(C)-- Authorization Grant -->| Authorization | | Client | | Server | | |<-(D)----- Access Token -------| | | | +---------------+ | | | | +---------------+ | |--(E)----- Access Token ------>| Resource | | | | Server | | |<-(F)--- Protected Resource ---| | +--------+ +---------------+ Quick StartDownload and installgo get -u -v github.com/go-oauth2/oauth2/v4/... Create file server.go package mainimport ( "log" "net/http" "github.com/go-oauth2/oauth2/v4/errors" "github.com/go-oauth2/oauth2/v4/manage" "github.com/go-oauth2/oauth2/v4/models" "github.com/go-oauth2/oauth2/v4/server" "github.com/go-oauth2/oauth2/v4/store")func main() { manager := manage.NewDefaultManager() // token memory store manager.MustTokenStorage(store.NewMemoryTokenStore()) // client memory store clientStore := store.NewClientStore() clientStore.Set("000000", &models.Client{ ID: "000000", Secret: "999999", Domain: "http://localhost", }) manager.MapClientStorage(clientStore) srv := server.NewDefaultServer(manager) srv.SetAllowGetAccessRequest(true) srv.SetClientInfoHandler(server.ClientFormHandler) srv.SetInternalErrorHandler(func(err error) (re *errors.Response) { log.Println("Internal Error:", err.Error()) return }) srv.SetResponseErrorHandler(func(re *errors.Response) { log.Println("Response Error:", re.Error.Error()) }) http.HandleFunc("/authorize", func(w http.ResponseWriter, r *http.Request) { err := srv.HandleAuthorizeRequest(w, r) if err != nil { http.Error(w, err.Error(), http.StatusBadRequest) } }) http.HandleFunc("/token", func(w http.ResponseWriter, r *http.Request) { srv.HandleTokenRequest(w, r) }) log.Fatal(http.ListenAndServe(":9096", nil))} Build and rungo build server.go./server Open in your web browserhttp://localhost:9096/token?grant_type=client_credentials&client_id=000000&client_secret=999999&scope=read { "access_token": "J86XVRYSNFCFI233KXDL0Q", "expires_in": 7200, "scope": "read", "token_type": "Bearer"} Features- Easy to use
- Based on the RFC 6749 implementation
- Token storage support TTL
- Support custom expiration time of the access token
- Support custom extension field
- Support custom scope
- Support jwt to generate access tokens
ExampleA complete example of simulation authorization code model
Simulation examples of authorization code model, please check example Use jwt to generate access tokensimport ( "github.com/go-oauth2/oauth2/v4/generates" "github.com/dgrijalva/jwt-go")// ...manager.MapAccessGenerate(generates.NewJWTAccessGenerate("", []byte("00000000"), jwt.SigningMethodHS512))// Parse and verify jwt access tokentoken, err := jwt.ParseWithClaims(access, &generates.JWTAccessClaims{}, func(t *jwt.Token) (interface{}, error) { if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok { return nil, fmt.Errorf("parse error") } return []byte("00000000"), nil})if err != nil { // panic(err)}claims, ok := token.Claims.(*generates.JWTAccessClaims)if !ok || !token.Valid { // panic("invalid token")} Store ImplementsHandy UtilitiesMIT LicenseCopyright (c) 2016 Lyric |
请发表评论