Documentation
¶
Index ¶
- Constants
- Variables
- type AccessToken
- type AuthorizationCode
- type Client
- type GrantType
- type OAuth2Server
- func (s *OAuth2Server) ExchangeCodeForToken(code, clientID, clientSecret, redirectURI string) (*AccessToken, error)
- func (s *OAuth2Server) GenerateAuthorizationCode(clientID, redirectURI, userID string, scopes []string) (*AuthorizationCode, error)
- func (s *OAuth2Server) GetClient(clientID string) (*Client, error)
- func (s *OAuth2Server) RefreshAccessToken(refreshToken, clientID, clientSecret string) (*AccessToken, error)
- func (s *OAuth2Server) RegisterClient(client *Client) error
- func (s *OAuth2Server) RevokeToken(tokenString string) error
- func (s *OAuth2Server) UnregisterClient(clientID string)
- func (s *OAuth2Server) ValidateAccessToken(tokenString string) (*AccessToken, error)
Constants ¶
const ( DefaultCodeExpiration = 10 * time.Minute // Authorization code expiration | 授权码过期时间 DefaultTokenExpiration = 2 * time.Hour // Access token expiration | 访问令牌过期时间 DefaultRefreshTTL = 30 * 24 * time.Hour // Refresh token expiration | 刷新令牌过期时间 CodeLength = 32 // Authorization code byte length | 授权码字节长度 AccessTokenLength = 32 // Access token byte length | 访问令牌字节长度 RefreshTokenLength = 32 // Refresh token byte length | 刷新令牌字节长度 CodeKeySuffix = "oauth2:code:" // Code key suffix after prefix | 授权码键后缀 TokenKeySuffix = "oauth2:token:" // Token key suffix after prefix | 令牌键后缀 RefreshKeySuffix = "oauth2:refresh:" // Refresh key suffix after prefix | 刷新令牌键后缀 TokenTypeBearer = "Bearer" // Token type | 令牌类型 )
Constants for OAuth2 | OAuth2常量
Variables ¶
var ( ErrClientNotFound = fmt.Errorf("client not found") ErrInvalidRedirectURI = fmt.Errorf("invalid redirect_uri") ErrInvalidClientCredentials = fmt.Errorf("invalid client credentials") ErrInvalidAuthCode = fmt.Errorf("invalid authorization code") ErrAuthCodeUsed = fmt.Errorf("authorization code already used") ErrAuthCodeExpired = fmt.Errorf("authorization code expired") ErrClientMismatch = fmt.Errorf("client mismatch") ErrRedirectURIMismatch = fmt.Errorf("redirect_uri mismatch") ErrInvalidAccessToken = fmt.Errorf("invalid access token") ErrInvalidTokenData = fmt.Errorf("invalid token data") )
Error variables | 错误变量
Functions ¶
This section is empty.
Types ¶
type AccessToken ¶
type AccessToken struct {
Token string // Access token | 访问令牌
TokenType string // Token type (Bearer) | 令牌类型(Bearer)
ExpiresIn int64 // Expiration time in seconds | 过期时间(秒)
RefreshToken string // Refresh token | 刷新令牌
Scopes []string // Granted scopes | 授予的权限范围
UserID string // User ID | 用户ID
ClientID string // Client ID | 客户端ID
}
AccessToken access token information | 访问令牌信息
type AuthorizationCode ¶
type AuthorizationCode struct {
Code string // Authorization code | 授权码
ClientID string // Client ID | 客户端ID
RedirectURI string // Redirect URI | 回调URI
UserID string // User ID | 用户ID
Scopes []string // Requested scopes | 请求的权限范围
CreateTime int64 // Creation time | 创建时间
ExpiresIn int64 // Expiration time in seconds | 过期时间(秒)
Used bool // Whether used | 是否已使用
}
AuthorizationCode authorization code information | 授权码信息
type Client ¶
type Client struct {
ClientID string // Client ID | 客户端ID
ClientSecret string // Client secret | 客户端密钥
RedirectURIs []string // Allowed redirect URIs | 允许的回调URI
GrantTypes []GrantType // Allowed grant types | 允许的授权类型
Scopes []string // Allowed scopes | 允许的权限范围
}
Client OAuth2 client configuration | OAuth2客户端配置
type GrantType ¶
type GrantType string
GrantType OAuth2 grant type | OAuth2授权类型
const ( GrantTypeAuthorizationCode GrantType = "authorization_code" // Authorization code flow | 授权码模式 GrantTypeRefreshToken GrantType = "refresh_token" // Refresh token flow | 刷新令牌模式 GrantTypeClientCredentials GrantType = "client_credentials" // Client credentials flow | 客户端凭证模式 GrantTypePassword GrantType = "password" // Password flow | 密码模式 )
type OAuth2Server ¶
type OAuth2Server struct {
// contains filtered or unexported fields
}
OAuth2Server OAuth2 authorization server | OAuth2授权服务器
func NewOAuth2Server ¶
func NewOAuth2Server(storage adapter.Storage, prefix string) *OAuth2Server
NewOAuth2Server Creates a new OAuth2 server | 创建新的OAuth2服务器 prefix: key prefix (e.g., "satoken:" or "" for Java compatibility) | 键前缀(如:"satoken:" 或 "" 兼容Java)
func (*OAuth2Server) ExchangeCodeForToken ¶
func (s *OAuth2Server) ExchangeCodeForToken(code, clientID, clientSecret, redirectURI string) (*AccessToken, error)
ExchangeCodeForToken Exchanges authorization code for access token | 用授权码换取访问令牌
func (*OAuth2Server) GenerateAuthorizationCode ¶
func (s *OAuth2Server) GenerateAuthorizationCode(clientID, redirectURI, userID string, scopes []string) (*AuthorizationCode, error)
GenerateAuthorizationCode Generates authorization code | 生成授权码
func (*OAuth2Server) GetClient ¶
func (s *OAuth2Server) GetClient(clientID string) (*Client, error)
GetClient Gets client by ID | 根据ID获取客户端
func (*OAuth2Server) RefreshAccessToken ¶
func (s *OAuth2Server) RefreshAccessToken(refreshToken, clientID, clientSecret string) (*AccessToken, error)
RefreshAccessToken Refreshes access token using refresh token | 使用刷新令牌刷新访问令牌
func (*OAuth2Server) RegisterClient ¶
func (s *OAuth2Server) RegisterClient(client *Client) error
RegisterClient Registers an OAuth2 client | 注册OAuth2客户端
func (*OAuth2Server) RevokeToken ¶
func (s *OAuth2Server) RevokeToken(tokenString string) error
RevokeToken Revokes access token and its refresh token | 撤销访问令牌及其刷新令牌
func (*OAuth2Server) UnregisterClient ¶
func (s *OAuth2Server) UnregisterClient(clientID string)
UnregisterClient Unregisters an OAuth2 client | 注销OAuth2客户端
func (*OAuth2Server) ValidateAccessToken ¶
func (s *OAuth2Server) ValidateAccessToken(tokenString string) (*AccessToken, error)
ValidateAccessToken Validates access token | 验证访问令牌