package module
Version: v0.0.0-...-9bbd386 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: May 25, 2021 License: MIT Imports: 2 Imported by: 2


Go Report Card GoDoc GoCover


Easily Manage OAuth2 Scopes In Go

Scope Matching Using Wildcard Strategy

import ""

scopeA := "read:user:*"
scopeB := "read:user:username"

doesMatch := scope.MatchScopes(scopeA, scopeB)

This strategy will work like this :-

  • users.* matches
  • users.* matches
  • matches
  • users does not match
  •* does not match
  • users.*.* does not match
  • users.*.* matches
  • users.*.* matches
  •* matches
  •* matches
  • users.write.* does not match
  • users.*.bar matches
  • users.*.bar does not

Filtering Struct For Read Request

When a client request certain data, this function will eliminate any data in the struct for which the client does not have a read scope.

type user struct {
    username string `readScope:"user:read:username"`
    email string `readScope:"user:read:email"`

func main() {
    output := user{username : "Test", email : ""}
    scopesHeldByClient := []string{"user:read:username"}
    scope.FilterRead(output, scopesHeldByClient)

    // Now will be nil as client does not have scope required to read email field

    output := user{username : "Test", email : ""}
    scopesHeldByClient := []string{"user:read:*"}
    scope.FilterRead(&output, scopesHeldByClient)

    // Now none of the field in output will be nil as client has scopes to read everything in user struct




View Source
const (
	//READ is used to address read operation
	READ = "read"
	//WRITE is is used to address write operation
	WRITE = "write"


This section is empty.


func FilterRead

func FilterRead(data interface{}, scopesAllowed []string)

FilterRead is used to filter output to onlly output what client can see based on scopes

func MatchScopes

func MatchScopes(scopeA, scopeB string) bool

MatchScopes matches two scopes using Wildcard Scope Matching Strategy (asymetric)

func ScopeInAllowed

func ScopeInAllowed(scope string, allowedScopes []string) bool

ScopeInAllowed is used to check if scope is allowed based on allowed scopes list


This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL