/
authclient.go
116 lines (100 loc) · 2.48 KB
/
authclient.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
package auth
import (
"encoding/json"
"fmt"
"io"
"net"
"net/http"
"net/url"
"sync"
"time"
)
type authClient struct {
url *url.URL
client *http.Client
mu sync.Mutex
quit chan struct{}
}
func newAuthClient(baseURL string, timeout time.Duration) (*authClient, error) {
u, err := url.Parse(baseURL)
if err != nil {
return nil, err
}
quit := make(chan struct{})
client, err := createHTTPClient(timeout, quit)
if err != nil {
return nil, fmt.Errorf("Unable to create http client: %v", err)
}
return &authClient{url: u, client: client, quit: quit}, nil
}
func (ac *authClient) getTokenintrospect(token string) (tokenIntrospectionInfo, error) {
info := make(tokenIntrospectionInfo)
err := jsonPost(ac.url, token, &info, ac.client)
if err != nil {
return nil, err
}
return info, err
}
func (ac *authClient) getTokeninfo(token string) (map[string]interface{}, error) {
var a map[string]interface{}
err := jsonGet(ac.url, token, &a, ac.client)
return a, err
}
func createHTTPClient(timeout time.Duration, quit chan struct{}) (*http.Client, error) {
transport := &http.Transport{
DialContext: (&net.Dialer{
Timeout: timeout,
}).DialContext,
}
go func() {
for {
select {
case <-time.After(10 * time.Second):
transport.CloseIdleConnections()
case <-quit:
return
}
}
}()
return &http.Client{
Transport: transport,
}, nil
}
// jsonGet requests url with access token in the URL query specified
// by accessTokenKey, if auth was given and writes into doc.
func jsonGet(url *url.URL, accessToken string, doc interface{}, client *http.Client) error {
req, err := http.NewRequest("GET", url.String(), nil)
if err != nil {
return err
}
req.Header.Set(authHeaderName, authHeaderPrefix+accessToken)
rsp, err := client.Do(req)
if err != nil {
return err
}
defer rsp.Body.Close()
if rsp.StatusCode != 200 {
return errInvalidToken
}
d := json.NewDecoder(rsp.Body)
return d.Decode(doc)
}
// jsonPost requests url with access token in the body, if auth was given and writes into doc.
func jsonPost(u *url.URL, auth string, doc *tokenIntrospectionInfo, client *http.Client) error {
body := url.Values{}
body.Add(accessTokenKey, auth)
rsp, err := client.PostForm(u.String(), body)
if err != nil {
return err
}
defer rsp.Body.Close()
if rsp.StatusCode != 200 {
return errInvalidToken
}
buf := make([]byte, rsp.ContentLength)
_, err = rsp.Body.Read(buf)
if err != nil && err != io.EOF {
return err
}
return json.Unmarshal(buf, &doc)
}