OAuth 2.0 is the next evolution of the OAuth protocol which was originally created in late 2006.
$ go get -u -v gopkg.in/oauth2.v3
package main
import (
"net/http"
"gopkg.in/oauth2.v3/manage"
"gopkg.in/oauth2.v3/server"
"gopkg.in/oauth2.v3/store"
)
func main() {
manager := manage.NewDefaultManager()
// token memory store
manager.MapTokenStorage(store.NewMemoryTokenStore(0))
// client test store
manager.MapClientStorage(store.NewTestClientStore())
srv := server.NewServer(server.NewConfig(), manager)
srv.SetUserAuthorizationHandler(func(w http.ResponseWriter, r *http.Request) (userID string, err error) {
// validation and to get the user id
userID = "000000"
return
})
http.HandleFunc("/authorize", func(w http.ResponseWriter, r *http.Request) {
err := srv.HandleAuthorizeRequest(w, r)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
}
})
http.HandleFunc("/token", func(w http.ResponseWriter, r *http.Request) {
err := srv.HandleTokenRequest(w, r)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
}
})
http.ListenAndServe(":9096", nil)
}
$ go build server.go
$ ./server
- Based on the RFC 6749 implementation
- Easy to use
- Modularity
- Flexible
Simulation examples of authorization code model, please check example
Copyright (c) 2016, OAuth 2.0
All rights reserved.