1. Begin to use
1.1 Create a Manager instance
import "gopkg.in/oauth2.v3/manage"
manager := manage.NewManager()
1.1.1 Manager configuration parameters
1.1.1.1 SetAuthorizeCodeExp set the authorization code expiration time
// Authorization codes should be short-lived: RFC 6749 section 4.1.2 recommends
// a maximum lifetime of 10 minutes, which is the value used here.
manager.SetAuthorizeCodeExp(time.Minute * 10)
1.1.1.2 SetAuthorizeCodeTokenCfg set the authorization code grant token config
// Token settings registered for the authorization code grant.
cfg := &manage.Config{
	// access token expiration time (2 hours)
	AccessTokenExp: time.Hour * 2,
	// refresh token expiration time (3 days)
	RefreshTokenExp: time.Hour * 24 * 3,
	// whether to generate a refresh token
	IsGenerateRefresh: true,
}
manager.SetAuthorizeCodeTokenCfg(cfg)
1.1.1.3 SetImplicitTokenCfg set the implicit grant token config
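// Token settings for the implicit grant. Only the access token lifetime is
// set; no refresh token fields are configured for this grant.
cfg := &manage.Config{
	// access token expiration time (1 hour)
	AccessTokenExp: time.Hour * 1,
}
// Use the implicit-grant setter named in this section's heading. Calling
// SetAuthorizeCodeTokenCfg here would overwrite the authorization code grant
// settings and leave the implicit grant unconfigured.
manager.SetImplicitTokenCfg(cfg)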
1.1.1.4 SetPasswordTokenCfg set the password grant token config
// Token settings registered for the password (resource owner credentials) grant.
// NOTE(review): with this grant the client handles the user's username and
// password directly, and current OAuth security guidance discourages it.
// Enable it only for clients you fully trust, and keep token lifetimes short.
cfg := &manage.Config{
	// access token expiration time (2 hours)
	AccessTokenExp: time.Hour * 2,
	// refresh token expiration time (7 days)
	RefreshTokenExp: time.Hour * 24 * 7,
	// whether to generate a refresh token
	IsGenerateRefresh: true,
}
manager.SetPasswordTokenCfg(cfg)
1.1.1.5 SetClientTokenCfg set the client grant token config
// Token settings registered for the client credentials grant. Only the access
// token lifetime is set; no refresh token fields are configured here.
cfg := &manage.Config{
	// access token expiration time (2 hours)
	AccessTokenExp: time.Hour * 2,
}
manager.SetClientTokenCfg(cfg)
1.1.1.6 SetRefreshTokenCfg set the refreshing token config
// Settings applied when an existing refresh token is exchanged for a new access token.
cfg := &manage.Config{
	// whether to generate a refresh token
	// NOTE(review): presumably false means a refresh request does not issue a
	// replacement refresh token (no rotation) — confirm against the Manager
	// implementation before relying on it.
	IsGenerateRefresh: false,
}
manager.SetRefreshTokenCfg(cfg)
1.1.2 Manager interface mappings
1.1.2.1 MapTokenModel mapping the token information model
import "gopkg.in/oauth2.v3/models"
manager.MapTokenModel(models.NewToken())
1.1.2.2 MapAuthorizeGenerate mapping the authorize code generate interface
import "gopkg.in/oauth2.v3/generates"
manager.MapAuthorizeGenerate(generates.NewAuthorizeGenerate())
1.1.2.3 MapAccessGenerate mapping the access token generate interface
import "gopkg.in/oauth2.v3/generates"
manager.MapAccessGenerate(generates.NewAccessGenerate())
1.1.2.4 MustTokenStorage mandatory mapping the token store interface
import "gopkg.in/oauth2.v3/store"
// NOTE(review): as the name suggests, this store keeps tokens in process memory,
// so issued tokens presumably do not survive a restart and are not shared between
// instances. Treat it as a getting-started choice and use a persistent store in production.
manager.MustTokenStorage(store.NewMemoryTokenStore())
1.1.2.5 MapClientStorage mapping the client store interface
Client information storage depends on the specific business scenario, so no concrete implementation is provided here for now.
1.2 Create a Server instance
import "gopkg.in/oauth2.v3/server"
srv := server.NewServer(server.NewConfig(), manager)
1.2.1 Server configuration parameters
1.2.1.1 SetAllowedResponseType set the allowed authorization types
Supported authorization types: Code, Token
1.2.1.2 SetAllowedGrantType set the allowed grant types
Supported grant types: AuthorizationCode, PasswordCredentials, ClientCredentials, Refreshing
1.2.2 Server processing function
1.2.2.1 SetClientInfoHandler get client info from the request (supported by default: ClientFormHandler, ClientBasicHandler)
ClientInfoHandler func(r *http.Request) (clientID, clientSecret string, err error)
1.2.2.2 SetClientAuthorizedHandler check whether the client is allowed to use this authorization grant type
ClientAuthorizedHandler func(clientID string, grant oauth2.GrantType) (allowed bool, err error)
1.2.2.3 SetClientScopeHandler check whether the client is allowed to use the scope
ClientScopeHandler func(clientID, scope string) (allowed bool, err error)
1.2.2.4 SetUserAuthorizationHandler get user id from request authorization
UserAuthorizationHandler func(w http.ResponseWriter, r *http.Request) (userID string, err error)
1.2.2.5 SetPasswordAuthorizationHandler get user id from username and password
PasswordAuthorizationHandler func(username, password string) (userID string, err error)
1.2.2.6 SetRefreshingScopeHandler check the scope of the refreshing token
RefreshingScopeHandler func(newScope, oldScope string) (allowed bool, err error)
1.2.2.7 SetResponseErrorHandler response error handling
ResponseErrorHandler func(err error) (re *errors.Response)
1.2.2.8 SetInternalErrorHandler internal error handling
InternalErrorHandler func(err error)
1.2.2.9 SetExtensionFieldsHandler add extension fields to the access token response
ExtensionFieldsHandler func(ti oauth2.TokenInfo) (fieldsValue map[string]interface{})
1.2.2.10 SetAccessTokenExpHandler set expiration date for the access token
AccessTokenExpHandler func(w http.ResponseWriter, r *http.Request) (exp time.Duration, err error)
1.2.2.11 SetAuthorizeScopeHandler set the authorized scope
AuthorizeScopeHandler func(w http.ResponseWriter, r *http.Request) (scope string, err error)
1.3 Create the HTTP listener service
1.3.1 The authorization request processing
// Authorization endpoint: hands the request to the OAuth2 server instance.
http.HandleFunc("/authorize", func(w http.ResponseWriter, r *http.Request) {
	err := srv.HandleAuthorizeRequest(w, r)
	if err != nil {
		// NOTE(review): err.Error() is written to the response verbatim and
		// every failure is reported as 400. Consider logging the error
		// server-side and returning a generic message so internal details
		// are not exposed to the caller.
		http.Error(w, err.Error(), http.StatusBadRequest)
	}
})
1.3.2 The token request processing
// Token endpoint: hands the request to the OAuth2 server instance.
http.HandleFunc("/token", func(w http.ResponseWriter, r *http.Request) {
	err := srv.HandleTokenRequest(w, r)
	if err != nil {
		// NOTE(review): err.Error() is written to the response verbatim and
		// every failure is reported as 400. Consider logging the error
		// server-side and returning a generic message so internal details
		// are not exposed to the caller.
		http.Error(w, err.Error(), http.StatusBadRequest)
	}
})