This repository has been archived by the owner. It is now read-only.
Golang OAuth2 server library
example Updating examples and authorize with FormValue May 14, 2018
.gitignore * Add examples Sep 10, 2013
.travis.yml Added Travis CI configuration Aug 15, 2014
CHANGELOG * BREAKING CHANGES, READ CHANGELOG! Jun 26, 2014
LICENSE * Initial import Sep 10, 2013
README.md Example Server should call NewTestStorage in order to seed storage wi… Apr 5, 2017
access.go Reworked redirect uri validation, resolving uri references to base ur… Jul 17, 2018
access_test.go Scope separation is space, not comma Jul 17, 2018
authorize.go Reworked redirect uri validation, resolving uri references to base ur… Jul 17, 2018
authorize_test.go Handle ErrNotFound separately in GetClient result Dec 20, 2017
client.go Allow encrypted client secrets Dec 8, 2015
client_test.go * BREAKING CHANGES, READ CHANGELOG! Jun 26, 2014
config.go Adding the option to retain refresh/access token after successfully r… Mar 29, 2017
error.go DRY and simplify code, add comments, other small cleanup Nov 20, 2013
info.go Add server logging interface Feb 1, 2018
info_test.go Add support to retrieve access token information retrieving the token… Jan 7, 2015
log.go Add server logging interface Feb 1, 2018
log_test.go Add server logging interface Feb 1, 2018
response.go Fix preserving existing query parameters in redirect_uri Nov 28, 2016
response_json.go only set the Content-Type header when one hasn't already been set May 20, 2015
response_json_test.go * BREAKING CHANGES, READ CHANGELOG! Jun 26, 2014
response_test.go Fix preserving existing query parameters in redirect_uri Nov 28, 2016
server.go Add server logging interface Feb 1, 2018
storage.go Added ErrNotFound to storage interface Jun 15, 2017
storage_test.go Added ErrNotFound to storage interface Jun 15, 2017
tokengen.go Replace custom removePadding with base64.RawURLEncoding Sep 13, 2016
urivalidate.go Per the oauth2 spec, query strings in redirect urls must be kept Jul 18, 2018
urivalidate_test.go Per the oauth2 spec, query strings in redirect urls must be kept Jul 18, 2018
util.go Updating examples and authorize with FormValue May 14, 2018
util_test.go URL decode the client_id and client_secret in Authz header Feb 20, 2018

README.md

OSIN


Golang OAuth2 server library

OSIN is an OAuth2 server library for the Go language, as specified at http://tools.ietf.org/html/rfc6749 and http://tools.ietf.org/html/draft-ietf-oauth-v2-10.

It also includes support for PKCE, as specified at https://tools.ietf.org/html/rfc7636, which increases security for code-exchange flows for public OAuth clients.

Using it, you can build your own OAuth2 authentication service.

The library implements the majority of the specification, like authorization and token endpoints, and authorization code, implicit, resource owner and client credentials grant types.

Example Server

package main

import (
	"log"
	"net/http"

	"github.com/RangelReale/osin"
	ex "github.com/RangelReale/osin/example"
)

func main() {
	// ex.NewTestStorage implements the "osin.Storage" interface
	server := osin.NewServer(osin.NewServerConfig(), ex.NewTestStorage())

	// Authorization code endpoint
	http.HandleFunc("/authorize", func(w http.ResponseWriter, r *http.Request) {
		resp := server.NewResponse()
		defer resp.Close()

		if ar := server.HandleAuthorizeRequest(resp, r); ar != nil {

			// HANDLE LOGIN PAGE HERE
			// (set ar.Authorized only after the user has logged in and approved)

			ar.Authorized = true
			server.FinishAuthorizeRequest(resp, r, ar)
		}
		osin.OutputJSON(resp, w, r)
	})

	// Access token endpoint
	http.HandleFunc("/token", func(w http.ResponseWriter, r *http.Request) {
		resp := server.NewResponse()
		defer resp.Close()

		if ar := server.HandleAccessRequest(resp, r); ar != nil {
			ar.Authorized = true
			server.FinishAccessRequest(resp, r, ar)
		}
		osin.OutputJSON(resp, w, r)
	})

	// Report a failure to bind the port instead of exiting silently
	log.Fatal(http.ListenAndServe(":14000", nil))
}

Example Access

Open in your web browser:

http://localhost:14000/authorize?response_type=code&client_id=1234&redirect_uri=http%3A%2F%2Flocalhost%3A14000%2Fappauth%2Fcode

Storage backends

There is a mock available at example/teststorage.go which you can use as a guide for writing your own.

You might want to check out other implementations for common database management systems as well:

License

The code is licensed under the "New BSD" license.

Author

Rangel Reale rangelreale@gmail.com

Changes

2014-06-25

  • BREAKING CHANGES:
    • Storage interface has 2 new methods, Clone and Close, to better support storages that need to clone / close in each connection (mgo)

    • Client was changed to be an interface instead of a struct. Because of that, the Storage interface also had to change, as an interface is already a pointer.

    • HOW TO FIX YOUR CODE:

      • In your Storage, add a Clone function returning itself, and a do-nothing Close.

      • In your Storage, replace all *osin.Client with osin.Client (remove the pointer reference)

      • If you used the osin.Client struct directly in your code, change it to osin.DefaultClient, which is a struct with the same fields that implements the interface.

      • Change all accesses using osin.Client to use the methods instead of the fields directly.

      • You MUST defer Response.Close in all your http handlers, otherwise some Storages may not clean correctly.

          resp := server.NewResponse()
          defer resp.Close()