refactor: new api signatures

ory · Jan 15, 2016 · 8a830d3 · 8a830d3
1 parent fde7c80
commit 8a830d3
Show file tree

Hide file tree

Showing 2 changed files with 123 additions and 6 deletions.
diff --git a/handler.go b/handler.go
@@ -17,18 +17,18 @@ type AuthorizeEndpointHandler interface {
 	//   authorization code as described by Section 4.1.1, "token" for
 	//   requesting an access token (implicit grant) as described by
 	//   Section 4.2.1, or a registered extension value as described by Section 8.4.
-	HandleAuthorizeEndpointRequest(ctx context.Context, req *http.Request, requester AuthorizeRequester, responder AuthorizeResponder, session interface{}) error
+	HandleAuthorizeEndpointRequest(requester AuthorizeRequester, responder AuthorizeResponder) error
 }
 
 type TokenEndpointHandler interface {
 	// HandleAuthorizeRequest handles an authorize request. To extend the handler's capabilities, the http request
 	// is passed along, if further information retrieval is required. If the handler feels that he is not responsible for
 	// the authorize request, he must return nil and NOT modify session nor responder neither requester.
 	//
-	HandleTokenEndpointRequest(ctx context.Context, req *http.Request, requester AccessRequester, responder AccessResponder, session interface{}) error
+	HandleTokenEndpointRequest(requester AccessRequester, responder AccessResponder) error
 
 	// ValidateTokenEndpointRequest
 	// If the handler feels that he is not responsible for the authorize request, he must return nil and NOT modify
 	// session nor responder neither requester.
-	ValidateTokenEndpointRequest(ctx context.Context, req *http.Request, requester AccessRequester, session interface{}) error
+	ValidateTokenEndpointRequest(requester AccessRequester) error
 }
diff --git a/oauth2.go b/oauth2.go
@@ -1,8 +1,11 @@
 package fosite
 
 import (
+	"github.com/ory-am/fosite/client"
 	"golang.org/x/net/context"
 	"net/http"
+	"net/url"
+	"time"
 )
 
 var DefaultRequiredScopeName = "fosite"
@@ -26,7 +29,7 @@ type OAuth2Provider interface {
 	//   additional query parameters.  The endpoint URI MUST NOT include a
 	//   fragment component.
 	// * https://tools.ietf.org/html/rfc6749#section-3.1.2.2 (everything MUST be implemented)
-	NewAuthorizeRequest(ctx context.Context, req *http.Request) (AuthorizeRequester, error)
+	NewAuthorizeRequest(ctx context.Context, req *http.Request, session interface{}) (AuthorizeRequester, error)
 
 	// NewAuthorizeResponse iterates through all response type handlers and returns their result or
 	// ErrUnsupportedResponseType if none of the handler's were able to handle it.
@@ -40,7 +43,7 @@ type OAuth2Provider interface {
 	//	 If an authorization request is missing the "response_type" parameter,
 	//	 or if the response type is not understood, the authorization server
 	//	 MUST return an error response as described in Section 4.1.2.1.
-	NewAuthorizeResponse(ctx context.Context, req *http.Request, requester AuthorizeRequester, session interface{}) (AuthorizeResponder, error)
+	NewAuthorizeResponse(requester AuthorizeRequester) (AuthorizeResponder, error)
 
 	// WriteAuthorizeError returns the error codes to the redirection endpoint or shows the error to the user, if no valid
 	// redirect uri was given. Implements rfc6749#section-4.1.2.1
@@ -85,7 +88,7 @@ type OAuth2Provider interface {
 	//
 	// The following specs must be considered in any implementation of this method:
 	// https://tools.ietf.org/html/rfc6749#section-5.1
-	NewAccessResponse(_ context.Context, req *http.Request, requester AccessRequester, session interface{}) (AccessResponder, error)
+	NewAccessResponse(requester AccessRequester) (AccessResponder, error)
 
 	// WriteAccessError writes an access request error response.
 	//
@@ -99,3 +102,117 @@ type OAuth2Provider interface {
 	// https://tools.ietf.org/html/rfc6749#section-5.1
 	WriteAccessResponse(rw http.ResponseWriter, requester AccessRequester, responder AccessResponder)
 }
+
+// Requester is an abstract interface for handling requests in Fosite.
+type Requester interface {
+	// GetContext returns the request's context which can be used to e.g. cancel subroutines.
+	GetContext() context.Context
+
+	// GetRequest returns a pointer to the request's http request.
+	GetRequest() *http.Request
+
+	// GetRequestedAt returns the time the request was created.
+	GetRequestedAt() (requestedAt time.Time)
+
+	// GetClient returns the requests client.
+	GetClient() (client client.Client)
+
+	// GetScopes returns the request's scopes.
+	GetScopes() (scopes Arguments)
+
+	// SetScopes sets the request's scopes.
+	SetScopes(scopes Arguments)
+
+	// GetGrantScopes returns all granted scopes.
+	GetGrantedScopes() (grantedScopes Arguments)
+
+	// GrantScope marks a request's scope as granted.
+	GrantScope(scope string)
+
+	// GetSession returns a pointer to the request's session or nil if none is set.
+	GetSession() (session interface{})
+
+	// GetSession sets the request's session pointer.
+	SetSession(session interface{})
+}
+
+// AccessRequester is a token endpoint's request context.
+type AccessRequester interface {
+	// GetGrantType returns the requests grant type.
+	GetGrantType() (grantType string)
+
+	// SetGrantTypeHandled marks a grant type as handled indicating that the response type is supported.
+	SetGrantTypeHandled(grantType string)
+
+	// DidHandleGrantType returns if the requested grant type has been handled correctly.
+	DidHandleGrantType() (didHandle bool)
+
+	Requester
+}
+
+// AuthorizeRequester is an authorize endpoint's request context.
+type AuthorizeRequester interface {
+	// GetResponseTypes returns the requested response types
+	GetResponseTypes() (responseTypes Arguments)
+
+	// SetResponseTypeHandled marks a response_type (e.g. token or code) as handled indicating that the response type
+	// is supported.
+	SetResponseTypeHandled(responseType string)
+
+	// DidHandleAllResponseTypes returns if all requested response types have been handled correctly
+	DidHandleAllResponseTypes() (didHandle bool)
+
+	// GetRedirectURI returns the requested redirect URI
+	GetRedirectURI() (redirectURL *url.URL)
+
+	// IsRedirectURIValid returns false if the redirect is not rfc-conform (i.e. missing client, not on white list,
+	// or malformed)
+	IsRedirectURIValid() (isValid bool)
+
+	Requester
+}
+
+// AccessResponder is a token endpoint's response.
+type AccessResponder interface {
+	// SetExtra sets a key value pair for the access response.
+	SetExtra(key string, value interface{})
+
+	// GetExtra returns a key's value.
+	GetExtra(key string) interface{}
+
+	// SetAccessToken sets the responses mandatory access token.
+	SetAccessToken(token string)
+
+	// SetTokenType set's the responses mandatory token type
+	SetTokenType(tokenType string)
+
+	// SetAccessToken returns the responses access token.
+	GetAccessToken() (token string)
+
+	// GetTokenType returns the responses token type.
+	GetTokenType() (token string)
+
+	// ToMap converts the response to a map.
+	ToMap() map[string]interface{}
+}
+
+// AuthorizeResponder is an authorization endpoint's response.
+type AuthorizeResponder interface {
+	// GetHeader returns the response's header
+	GetHeader() (header http.Header)
+
+	// AddHeader adds an header key value pair to the response
+	AddHeader(key, value string)
+
+	// GetQuery returns the response's query
+	GetQuery() (query url.Values)
+
+	// AddQuery adds an url query key value pair to the response
+	AddQuery(key, value string)
+
+	// GetHeader returns the response's url fragments
+	GetFragment() (fragment url.Values)
+
+	// AddHeader adds a key value pair to the response's url fragment
+	AddFragment(key, value string)
+}