oauth2

package
v0.1.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 26, 2025 License: MIT Imports: 6 Imported by: 0

Documentation

Index

Constants

View Source
const (
	DefaultCodeExpiration  = 10 * time.Minute    // Authorization code expiration | 授权码过期时间
	DefaultTokenExpiration = 2 * time.Hour       // Access token expiration | 访问令牌过期时间
	DefaultRefreshTTL      = 30 * 24 * time.Hour // Refresh token expiration | 刷新令牌过期时间

	CodeLength         = 32 // Authorization code byte length | 授权码字节长度
	AccessTokenLength  = 32 // Access token byte length | 访问令牌字节长度
	RefreshTokenLength = 32 // Refresh token byte length | 刷新令牌字节长度

	CodeKeySuffix    = "oauth2:code:"    // Code key suffix after prefix | 授权码键后缀
	TokenKeySuffix   = "oauth2:token:"   // Token key suffix after prefix | 令牌键后缀
	RefreshKeySuffix = "oauth2:refresh:" // Refresh key suffix after prefix | 刷新令牌键后缀

	TokenTypeBearer = "Bearer" // Token type | 令牌类型
)

Constants for OAuth2 | OAuth2常量

Variables

View Source
var (
	ErrClientNotFound           = fmt.Errorf("client not found")
	ErrInvalidRedirectURI       = fmt.Errorf("invalid redirect_uri")
	ErrInvalidClientCredentials = fmt.Errorf("invalid client credentials")
	ErrInvalidAuthCode          = fmt.Errorf("invalid authorization code")
	ErrAuthCodeUsed             = fmt.Errorf("authorization code already used")
	ErrAuthCodeExpired          = fmt.Errorf("authorization code expired")
	ErrClientMismatch           = fmt.Errorf("client mismatch")
	ErrRedirectURIMismatch      = fmt.Errorf("redirect_uri mismatch")
	ErrInvalidAccessToken       = fmt.Errorf("invalid access token")
	ErrInvalidTokenData         = fmt.Errorf("invalid token data")
)

Error variables | 错误变量

Functions

This section is empty.

Types

type AccessToken

type AccessToken struct {
	Token        string   // Access token | 访问令牌
	TokenType    string   // Token type (Bearer) | 令牌类型(Bearer)
	ExpiresIn    int64    // Expiration time in seconds | 过期时间(秒)
	RefreshToken string   // Refresh token | 刷新令牌
	Scopes       []string // Granted scopes | 授予的权限范围
	UserID       string   // User ID | 用户ID
	ClientID     string   // Client ID | 客户端ID
}

AccessToken access token information | 访问令牌信息

type AuthorizationCode

type AuthorizationCode struct {
	Code        string   // Authorization code | 授权码
	ClientID    string   // Client ID | 客户端ID
	RedirectURI string   // Redirect URI | 回调URI
	UserID      string   // User ID | 用户ID
	Scopes      []string // Requested scopes | 请求的权限范围
	CreateTime  int64    // Creation time | 创建时间
	ExpiresIn   int64    // Expiration time in seconds | 过期时间(秒)
	Used        bool     // Whether used | 是否已使用
}

AuthorizationCode authorization code information | 授权码信息

type Client

type Client struct {
	ClientID     string      // Client ID | 客户端ID
	ClientSecret string      // Client secret | 客户端密钥
	RedirectURIs []string    // Allowed redirect URIs | 允许的回调URI
	GrantTypes   []GrantType // Allowed grant types | 允许的授权类型
	Scopes       []string    // Allowed scopes | 允许的权限范围
}

Client OAuth2 client configuration | OAuth2客户端配置

type GrantType

type GrantType string

GrantType OAuth2 grant type | OAuth2授权类型

const (
	GrantTypeAuthorizationCode GrantType = "authorization_code" // Authorization code flow | 授权码模式
	GrantTypeRefreshToken      GrantType = "refresh_token"      // Refresh token flow | 刷新令牌模式
	GrantTypeClientCredentials GrantType = "client_credentials" // Client credentials flow | 客户端凭证模式
	GrantTypePassword          GrantType = "password"           // Password flow | 密码模式
)

type OAuth2Server

type OAuth2Server struct {
	// contains filtered or unexported fields
}

OAuth2Server OAuth2 authorization server | OAuth2授权服务器

func NewOAuth2Server

func NewOAuth2Server(storage adapter.Storage, prefix string) *OAuth2Server

NewOAuth2Server Creates a new OAuth2 server | 创建新的OAuth2服务器 prefix: key prefix (e.g., "satoken:" or "" for Java compatibility) | 键前缀(如:"satoken:" 或 "" 兼容Java)

func (*OAuth2Server) ExchangeCodeForToken

func (s *OAuth2Server) ExchangeCodeForToken(code, clientID, clientSecret, redirectURI string) (*AccessToken, error)

ExchangeCodeForToken Exchanges authorization code for access token | 用授权码换取访问令牌

func (*OAuth2Server) GenerateAuthorizationCode

func (s *OAuth2Server) GenerateAuthorizationCode(clientID, redirectURI, userID string, scopes []string) (*AuthorizationCode, error)

GenerateAuthorizationCode Generates authorization code | 生成授权码

func (*OAuth2Server) GetClient

func (s *OAuth2Server) GetClient(clientID string) (*Client, error)

GetClient Gets client by ID | 根据ID获取客户端

func (*OAuth2Server) RefreshAccessToken

func (s *OAuth2Server) RefreshAccessToken(refreshToken, clientID, clientSecret string) (*AccessToken, error)

RefreshAccessToken Refreshes access token using refresh token | 使用刷新令牌刷新访问令牌

func (*OAuth2Server) RegisterClient

func (s *OAuth2Server) RegisterClient(client *Client) error

RegisterClient Registers an OAuth2 client | 注册OAuth2客户端

func (*OAuth2Server) RevokeToken

func (s *OAuth2Server) RevokeToken(tokenString string) error

RevokeToken Revokes access token and its refresh token | 撤销访问令牌及其刷新令牌

func (*OAuth2Server) UnregisterClient

func (s *OAuth2Server) UnregisterClient(clientID string)

UnregisterClient Unregisters an OAuth2 client | 注销OAuth2客户端

func (*OAuth2Server) ValidateAccessToken

func (s *OAuth2Server) ValidateAccessToken(tokenString string) (*AccessToken, error)

ValidateAccessToken Validates access token | 验证访问令牌

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL