package oauth2
import (
"errors"
"github.com/go-zoox/fetch"
"github.com/go-zoox/logger"
)
// Token carries the values read from the provider's token endpoint response.
//
// AccessToken and RefreshToken are bearer credentials. Because of the json
// tags below they are written out in clear whenever a Token is marshalled, so
// a Token should not be serialised into logs or error messages.
type Token struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`
	// NOTE(review): presumably a lifetime in seconds, as in the OAuth 2.0
	// expires_in field; confirm against the provider.
	ExpiresIn int64  `json:"expires_in"`
	TokenType string `json:"token_type"`

	// raw is the provider response the fields above were read from. It is
	// unexported, so encoding/json skips it; other packages reach it via Raw.
	raw *fetch.Response
}
// Raw returns the provider response this token was read from, or nil when
// the Token was built without one.
//
// The token fields are read out of this same response, so its body should be
// treated as a credential and kept out of logs.
func (t *Token) Raw() *fetch.Response {
	return t.raw
}
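// GetToken exchanges an authorization code for a token at the provider's
// token endpoint.
//
// When config.GetAccessTokenResponse is set, it is called to obtain the
// response. Otherwise a form-encoded POST carrying client_id, client_secret,
// grant_type=authorization_code, redirect_uri, code and state is sent to
// config.TokenURL. The token fields are read from the response using the
// attribute names configured on config.
//
// state is only forwarded to the provider. Nothing in this function compares
// it with the value issued at the start of the flow, so the caller must
// validate state before calling GetToken.
//
// An error is returned when the request fails, when no response is returned,
// when the response carries a non-zero "code" field, or when the response has
// no access token.
func GetToken(config *Config, code string, state string) (*Token, error) {
	// Attribute names are read before any hook runs, as the original did.
	accessTokenAttr := config.AccessTokenAttributeName
	refreshTokenAttr := config.RefreshTokenAttributeName
	expiresInAttr := config.ExpiresInAttributeName
	tokenTypeAttr := config.TokenTypeAttributeName

	var (
		response *fetch.Response
		err      error
	)
	if config.GetAccessTokenResponse != nil {
		response, err = config.GetAccessTokenResponse(config, code, state)
	} else {
		// The client secret travels in this request body.
		// NOTE(review): the scheme of config.TokenURL is not checked here;
		// confirm that an https URL is enforced where Config is built.
		response, err = fetch.Post(config.TokenURL, &fetch.Config{
			Headers: map[string]string{
				"Content-Type": "application/x-www-form-urlencoded",
				"Accept":       "application/json",
			},
			Body: map[string]string{
				"client_id":     config.ClientID,
				"client_secret": config.ClientSecret,
				"grant_type":    "authorization_code",
				"redirect_uri":  config.RedirectURI,
				"code":          code,
				"state":         state,
			},
		})
	}
	if err != nil {
		return nil, errors.New("get access token error by code (3): " + err.Error())
	}
	// A custom hook may return (nil, nil); fail instead of dereferencing nil.
	if response == nil {
		return nil, errors.New("get access token error by code (3): empty response")
	}

	errorCode := response.Get("code").Int()
	errorMessage := response.Get("message").String()

	// Log the provider status only. The response body holds the access and
	// refresh tokens, and debug logs are not a safe place for credentials.
	logger.Debugf("[oauth2][GetToken][token]: provider code=%d", errorCode)

	switch {
	case errorCode == 5003002:
		// NOTE(review): 5003002 looks like a provider-specific "code expired"
		// value; confirm which provider defines it.
		return nil, errors.New("code is expired: " + errorMessage)
	case errorCode != 0:
		// err is nil on this path, so the provider's message is reported
		// (the original called err.Error() here and panicked).
		return nil, errors.New("get access token error by code (3): " + errorMessage)
	}

	accessToken := response.Get(accessTokenAttr).String()
	// Failures that do not use the "code" field (for example the standard
	// OAuth 2.0 "error" field) reach this point with code 0; do not hand
	// back an empty token as a success.
	if accessToken == "" {
		return nil, errors.New("get access token error by code (3): access token missing in response")
	}

	return &Token{
		AccessToken:  accessToken,
		RefreshToken: response.Get(refreshTokenAttr).String(),
		ExpiresIn:    response.Get(expiresInAttr).Int(),
		TokenType:    response.Get(tokenTypeAttr).String(),
		raw:          response,
	}, nil
}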
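// RefreshToken obtains a new token from the provider using a refresh token.
//
// When config.RefreshToken is set, it is called to obtain the response.
// Otherwise a form-encoded POST carrying client_id, client_secret,
// grant_type=refresh_token and refresh_token is sent to config.TokenURL. The
// token fields are read from the response using the attribute names
// configured on config.
//
// The returned Token.RefreshToken is whatever the response holds under the
// configured attribute. It is empty when the provider does not send one, so
// callers should not overwrite a stored refresh token with an empty value.
//
// An error is returned when the request fails, when no response is returned,
// when the response carries a non-zero "code" field, or when the response has
// no access token.
func RefreshToken(config *Config, refreshTokenString string) (*Token, error) {
	// Attribute names are read before any hook runs, as the original did.
	accessTokenAttr := config.AccessTokenAttributeName
	refreshTokenAttr := config.RefreshTokenAttributeName
	expiresInAttr := config.ExpiresInAttributeName
	tokenTypeAttr := config.TokenTypeAttributeName

	var (
		response *fetch.Response
		err      error
	)
	if config.RefreshToken != nil {
		response, err = config.RefreshToken(config, refreshTokenString)
	} else {
		// The client secret and the refresh token travel in this request body.
		// NOTE(review): the scheme of config.TokenURL is not checked here;
		// confirm that an https URL is enforced where Config is built.
		response, err = fetch.Post(config.TokenURL, &fetch.Config{
			Headers: map[string]string{
				"Content-Type": "application/x-www-form-urlencoded",
				"Accept":       "application/json",
			},
			Body: map[string]string{
				"client_id":     config.ClientID,
				"client_secret": config.ClientSecret,
				"grant_type":    "refresh_token",
				"refresh_token": refreshTokenString,
			},
		})
	}
	if err != nil {
		// Message text kept as in the original for callers that match on it.
		return nil, errors.New("get access token error by code (3): " + err.Error())
	}
	// A custom hook may return (nil, nil); fail instead of dereferencing nil.
	if response == nil {
		return nil, errors.New("refresh token error: empty response")
	}

	errorCode := response.Get("code").Int()
	errorMessage := response.Get("message").String()

	// Log the provider status only. The response body holds the access and
	// refresh tokens, and debug logs are not a safe place for credentials.
	logger.Debugf("[oauth2][RefreshToken][token]: provider code=%d", errorCode)

	switch {
	case errorCode == 5003002:
		// NOTE(review): 5003002 looks like a provider-specific "expired"
		// value; confirm which provider defines it. Message text kept as in
		// the original.
		return nil, errors.New("code is expired: " + errorMessage)
	case errorCode != 0:
		// err is nil on this path, so the provider's message is reported
		// (the original called err.Error() here and panicked).
		return nil, errors.New("refresh token error: " + errorMessage)
	}

	accessToken := response.Get(accessTokenAttr).String()
	// Failures that do not use the "code" field (for example the standard
	// OAuth 2.0 "error" field) reach this point with code 0; do not hand
	// back an empty token as a success.
	if accessToken == "" {
		return nil, errors.New("refresh token error: access token missing in response")
	}

	return &Token{
		AccessToken:  accessToken,
		RefreshToken: response.Get(refreshTokenAttr).String(),
		ExpiresIn:    response.Get(expiresInAttr).Int(),
		TokenType:    response.Get(tokenTypeAttr).String(),
		raw:          response,
	}, nil
}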