Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/go-oauth2/oauth2
OAuth 2.0 server library for the Go programming language.
https://github.com/go-oauth2/oauth2
go-oauth2 go-oauth2-server oauth2 oauth2-authentication oauth2-provider oauth2-server
Last synced: 7 days ago
JSON representation
OAuth 2.0 server library for the Go programming language.
- Host: GitHub
- URL: https://github.com/go-oauth2/oauth2
- Owner: go-oauth2
- License: mit
- Created: 2016-05-26T14:42:51.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2024-05-06T01:16:26.000Z (6 months ago)
- Last Synced: 2024-10-25T08:10:57.882Z (11 days ago)
- Topics: go-oauth2, go-oauth2-server, oauth2, oauth2-authentication, oauth2-provider, oauth2-server
- Language: Go
- Homepage: https://pkg.go.dev/github.com/go-oauth2/oauth2/v4
- Size: 994 KB
- Stars: 3,317
- Watchers: 60
- Forks: 564
- Open Issues: 99
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-ccamel - go-oauth2/oauth2 - OAuth 2.0 server library for the Go programming language. (Go)
- awesome - go-oauth2/oauth2 - OAuth 2.0 server library for the Go programming language. (Go)
README
# Golang OAuth 2.0 Server
> An open protocol to allow secure authorization in a simple and standard method from web, mobile and desktop applications.
[![Build][build-status-image]][build-status-url] [![Codecov][codecov-image]][codecov-url] [![ReportCard][reportcard-image]][reportcard-url] [![GoDoc][godoc-image]][godoc-url] [![License][license-image]][license-url]
## Protocol Flow
```text
+--------+ +---------------+
| |--(A)- Authorization Request ->| Resource |
| | | Owner |
| |<-(B)-- Authorization Grant ---| |
| | +---------------+
| |
| | +---------------+
| |--(C)-- Authorization Grant -->| Authorization |
| Client | | Server |
| |<-(D)----- Access Token -------| |
| | +---------------+
| |
| | +---------------+
| |--(E)----- Access Token ------>| Resource |
| | | Server |
| |<-(F)--- Protected Resource ---| |
+--------+ +---------------+
```
## Quick Start
### Download and install
```bash
go get -u -v github.com/go-oauth2/oauth2/v4/...
```
### Create file `server.go`
```go
package main
import (
"log"
"net/http"
"github.com/go-oauth2/oauth2/v4/errors"
"github.com/go-oauth2/oauth2/v4/manage"
"github.com/go-oauth2/oauth2/v4/models"
"github.com/go-oauth2/oauth2/v4/server"
"github.com/go-oauth2/oauth2/v4/store"
)
func main() {
manager := manage.NewDefaultManager()
// token memory store
manager.MustTokenStorage(store.NewMemoryTokenStore())
// client memory store
clientStore := store.NewClientStore()
clientStore.Set("000000", &models.Client{
ID: "000000",
Secret: "999999",
Domain: "http://localhost",
})
manager.MapClientStorage(clientStore)
srv := server.NewDefaultServer(manager)
srv.SetAllowGetAccessRequest(true)
srv.SetClientInfoHandler(server.ClientFormHandler)
srv.UserAuthorizationHandler = func(w http.ResponseWriter, r *http.Request) (userID string, err error) {
return "000000", nil
}
srv.SetInternalErrorHandler(func(err error) (re *errors.Response) {
log.Println("Internal Error:", err.Error())
return
})
srv.SetResponseErrorHandler(func(re *errors.Response) {
log.Println("Response Error:", re.Error.Error())
})
http.HandleFunc("/authorize", func(w http.ResponseWriter, r *http.Request) {
err := srv.HandleAuthorizeRequest(w, r)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
}
})
http.HandleFunc("/token", func(w http.ResponseWriter, r *http.Request) {
srv.HandleTokenRequest(w, r)
})
log.Fatal(http.ListenAndServe(":9096", nil))
}
```
### Build and run
```bash
go build server.go
./server
```
### Open in your web browser
**Authorization Request**:
[http://localhost:9096/authorize?client_id=000000&response_type=code](http://localhost:9096/authorize?client_id=000000&response_type=code)
**Grant Token Request**:
[http://localhost:9096/token?grant_type=client_credentials&client_id=000000&client_secret=999999&scope=read](http://localhost:9096/token?grant_type=client_credentials&client_id=000000&client_secret=999999&scope=read)
```json
{
"access_token": "J86XVRYSNFCFI233KXDL0Q",
"expires_in": 7200,
"scope": "read",
"token_type": "Bearer"
}
```
## Features
- Easy to use
- Based on the [RFC 6749](https://tools.ietf.org/html/rfc6749) implementation
- Token storage support TTL
- Support custom expiration time of the access token
- Support custom extension field
- Support custom scope
- Support jwt to generate access tokens
## Example
> A complete example of simulation authorization code model
Simulation examples of authorization code model, please check [example](/example)
### Use jwt to generate access tokens
```go
import (
"github.com/go-oauth2/oauth2/v4/generates"
"github.com/dgrijalva/jwt-go"
)
// ...
manager.MapAccessGenerate(generates.NewJWTAccessGenerate("", []byte("00000000"), jwt.SigningMethodHS512))
// Parse and verify jwt access token
token, err := jwt.ParseWithClaims(access, &generates.JWTAccessClaims{}, func(t *jwt.Token) (interface{}, error) {
if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, fmt.Errorf("parse error")
}
return []byte("00000000"), nil
})
if err != nil {
// panic(err)
}
claims, ok := token.Claims.(*generates.JWTAccessClaims)
if !ok || !token.Valid {
// panic("invalid token")
}
```
## Store Implements
- [BuntDB](https://github.com/tidwall/buntdb)(default store)
- [Redis](https://github.com/go-oauth2/redis)
- [MongoDB](https://github.com/go-oauth2/mongo)
- [MySQL](https://github.com/go-oauth2/mysql)
- [MySQL (Provides both client and token store)](https://github.com/imrenagi/go-oauth2-mysql)
- [PostgreSQL](https://github.com/vgarvardt/go-oauth2-pg)
- [DynamoDB](https://github.com/contamobi/go-oauth2-dynamodb)
- [XORM](https://github.com/techknowlogick/go-oauth2-xorm)
- [XORM (MySQL, client and token store)](https://github.com/rainlay/go-oauth2-xorm)
- [GORM](https://github.com/techknowlogick/go-oauth2-gorm)
- [Firestore](https://github.com/tslamic/go-oauth2-firestore)
- [Hazelcast](https://github.com/clowre/go-oauth2-hazelcast) (token only)
## Handy Utilities
- [OAuth2 Proxy Logger (Debug utility that proxies interfaces and logs)](https://github.com/aubelsb2/oauth2-logger-proxy)
## MIT License
Copyright (c) 2016 Lyric
[build-status-url]: https://travis-ci.org/go-oauth2/oauth2
[build-status-image]: https://travis-ci.org/go-oauth2/oauth2.svg?branch=master
[codecov-url]: https://codecov.io/gh/go-oauth2/oauth2
[codecov-image]: https://codecov.io/gh/go-oauth2/oauth2/branch/master/graph/badge.svg
[reportcard-url]: https://goreportcard.com/report/github.com/go-oauth2/oauth2/v4
[reportcard-image]: https://goreportcard.com/badge/github.com/go-oauth2/oauth2/v4
[godoc-url]: https://godoc.org/github.com/go-oauth2/oauth2/v4
[godoc-image]: https://godoc.org/github.com/go-oauth2/oauth2/v4?status.svg
[license-url]: http://opensource.org/licenses/MIT
[license-image]: https://img.shields.io/npm/l/express.svg