v0.5.3 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: May 28, 2015 License: BSD-3-Clause, Apache-2.0 Imports: 9 Imported by: 0



Golang OAuth2 client library

OSINCLI is an OAuth2 client library for the Go language, as specified at http://tools.ietf.org/html/rfc6749.

Using it, you can access an OAuth2 authenticated service.

The library follows the RFC recommendations, but allows some differences, like passing the client secret in the url instead of using the Authorization header.

import "github.com/RangelReale/osincli"

config := &osincli.ClientConfig{
	ClientId:                 "xxxxxxxxxxxx.apps.googleusercontent.com",
	ClientSecret:             "secret",
	AuthorizeUrl:             "https://accounts.google.com/o/oauth2/auth",
	TokenUrl:                 "https://accounts.google.com/o/oauth2/token",
	RedirectUrl:              "http://localhost:14001/appauth",
	ErrorsInStatusCode:       true,
	SendClientSecretInParams: true,
	Scope: "https://www.googleapis.com/auth/plus.login",
client, err := osincli.NewClient(config)
if err != nil {

// create a new request to generate the url
areq := client.NewAuthorizeRequest(osincli.CODE)
areq.CustomParameters["access_type"] = "online"
areq.CustomParameters["approval_prompt"] = "auto"

// Home
http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
	u := areq.GetAuthorizeUrl()
	w.Write([]byte(fmt.Sprintf("<a href=\"%s\">Login</a>", u.String())))

// Auth endpoint
http.HandleFunc("/appauth", func(w http.ResponseWriter, r *http.Request) {
	// parse a token request
	if areqdata, err := areq.HandleRequest(r); err == nil {
		treq := client.NewAccessRequest(osincli.AUTHORIZATION_CODE, areqdata)

		// exchange the authorize token for the access token
		ad, err := treq.GetToken()
		if err == nil {
			w.Write([]byte(fmt.Sprintf("Access token: %+v\n\n", ad)))
			// use the token in ad.AccessToken
		} else {
			w.Write([]byte(fmt.Sprintf("ERROR: %s\n", err)))
	} else {
		w.Write([]byte(fmt.Sprintf("ERROR: %s\n", err)))

http.ListenAndServe(":14001", nil)

Load your web browser at:


The code is licensed using "New BSD" license.


Rangel Reale




View Source
const (
	AUTHORIZATION_CODE AccessRequestType = "authorization_code"
	REFRESH_TOKEN                        = "refresh_token"
	PASSWORD                             = "password"
	CLIENT_CREDENTIALS                   = "client_credentials"
	IMPLICIT                             = "__implicit"
View Source
const (
	E_INVALID_REQUEST           string = "invalid_request"
	E_UNAUTHORIZED_CLIENT              = "unauthorized_client"
	E_ACCESS_DENIED                    = "access_denied"
	E_UNSUPPORTED_RESPONSE_TYPE        = "unsupported_response_type"
	E_INVALID_SCOPE                    = "invalid_scope"
	E_SERVER_ERROR                     = "server_error"
	E_TEMPORARILY_UNAVAILABLE          = "temporarily_unavailable"
	E_UNSUPPORTED_GRANT_TYPE           = "unsupported_grant_type"
	E_INVALID_GRANT                    = "invalid_grant"
	E_INVALID_CLIENT                   = "invalid_client"


This section is empty.


This section is empty.


type AccessData

type AccessData struct {
	TokenType    string
	AccessToken  string
	RefreshToken string
	Expiration   *int32
	ResponseData ResponseData

Access data

type AccessRequest

type AccessRequest struct {
	Type             AccessRequestType
	AuthorizeData    *AuthorizeData
	CustomParameters map[string]string
	// contains filtered or unexported fields

Access request information

func (*AccessRequest) GetToken

func (c *AccessRequest) GetToken() (*AccessData, error)

Send a token request and capture data. On OAuth2 error, and osincli.Error is returned as error

func (*AccessRequest) GetTokenUrl

func (c *AccessRequest) GetTokenUrl() *url.URL

Generate a token url. This may not be the exact url that is used, as it may be submited with basic authentication or form-encoded.

type AccessRequestType

type AccessRequestType string

type AuthorizeData

type AuthorizeData struct {
	Code  string
	State string

Authorization data

type AuthorizeRequest

type AuthorizeRequest struct {
	Type             AuthorizeRequestType
	CustomParameters map[string]string
	// contains filtered or unexported fields

Authorize request information

func (*AuthorizeRequest) GetAuthorizeUrl

func (c *AuthorizeRequest) GetAuthorizeUrl() *url.URL

Returns the authorize url

func (*AuthorizeRequest) GetAuthorizeUrlWithParams

func (c *AuthorizeRequest) GetAuthorizeUrlWithParams(state string) *url.URL

Returns the authorize url

func (*AuthorizeRequest) HandleRequest

func (c *AuthorizeRequest) HandleRequest(r *http.Request) (*AuthorizeData, error)

Handle the authorization request

type AuthorizeRequestType

type AuthorizeRequestType string
const (
	CODE AuthorizeRequestType = "code"

type BasicAuth

type BasicAuth struct {
	Username string
	Password string

Parse basic authentication header

type Client

type Client struct {

	// Transport is the HTTP transport to use when making requests.
	// It will default to http.DefaultTransport if nil.
	Transport http.RoundTripper
	// contains filtered or unexported fields

func NewClient

func NewClient(config *ClientConfig) (*Client, error)

Creates a new client

func (*Client) NewAccessRequest

func (c *Client) NewAccessRequest(t AccessRequestType, ad *AuthorizeData) *AccessRequest

func (*Client) NewAuthorizeRequest

func (c *Client) NewAuthorizeRequest(t AuthorizeRequestType) *AuthorizeRequest

Creates a new authorize request

func (*Client) NewCustomRequest

func (c *Client) NewCustomRequest() *CustomRequest

type ClientConfig

type ClientConfig struct {
	ClientId                 string
	ClientSecret             string
	AuthorizeUrl             string
	TokenUrl                 string
	RedirectUrl              string
	Scope                    string
	ErrorsInStatusCode       bool
	SendClientSecretInParams bool
	UseGetAccessRequest      bool

type CustomData

type CustomData struct {
	ResponseData ResponseData

Custom data

type CustomRequest

type CustomRequest struct {
	CustomParameters map[string]string
	// contains filtered or unexported fields

Custom request information

func (*CustomRequest) GetRequest

func (c *CustomRequest) GetRequest(url *url.URL) (*CustomData, error)

Send a custom request On OAuth2 error, and osincli.Error is returned as error

type Error

type Error struct {
	Id          string
	Description string
	URI         string
	State       string

OAuth2 error base

func NewError

func NewError(id, description, uri, state string) *Error

func (*Error) Error

func (e *Error) Error() string

type ResponseData

type ResponseData map[string]interface{}

Data for response output


Path Synopsis
To test with the osin samples, change the RedirectUri to "http://localhost:14001/appauth" in osin/examples/teststorage.to
To test with the osin samples, change the RedirectUri to "http://localhost:14001/appauth" in osin/examples/teststorage.to

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL