// ClientFormFastHandler 客户端表单信息(基于fasthttp) func ClientFormFastHandler(ctx *fasthttp.RequestCtx) (clientID, clientSecret string, err error) { clientID = string(ctx.FormValue("client_id")) clientSecret = string(ctx.FormValue("client_secret")) if clientID == "" || clientSecret == "" { err = ErrAuthorizationFormInvalid } return }
// GetAuthorizeRequest extracts the authorization request parameters from a
// GET request.
//
// It returns ErrRequestMethodInvalid for any other method, the unescape error
// if "redirect_uri" cannot be decoded, ErrResponseTypeInvalid when
// "response_type" is empty or rejected by fs.checkResponseType, and
// ErrClientInvalid when "client_id" is empty. For the last two errors the
// populated request is still returned together with the error.
//
// NOTE(review): the redirect URI is only decoded here, not validated. It must
// be compared against the client's registered redirect URI before it is used
// for a redirect; confirm that check happens downstream.
func (fs *FastServer) GetAuthorizeRequest(ctx *fasthttp.RequestCtx) (authReq *AuthorizeRequest, err error) {
	if !ctx.IsGet() {
		return nil, ErrRequestMethodInvalid
	}

	// NOTE(review): fasthttp already percent-decodes form values, so this
	// looks like a second decoding pass ("%25xx" becomes "%xx" and then a raw
	// byte, "+" becomes a space). Confirm this is intended, and that any
	// redirect-URI comparison is made on this same decoded form.
	rawRedirect := string(ctx.FormValue("redirect_uri"))
	redirectURI, err := url.QueryUnescape(rawRedirect)
	if err != nil {
		return nil, err
	}

	authReq = &AuthorizeRequest{
		Type:        oauth2.ResponseType(string(ctx.FormValue("response_type"))),
		RedirectURI: redirectURI,
		State:       string(ctx.FormValue("state")),
		Scope:       string(ctx.FormValue("scope")),
		ClientID:    string(ctx.FormValue("client_id")),
	}

	switch {
	case authReq.Type == "" || !fs.checkResponseType(authReq.Type):
		err = ErrResponseTypeInvalid
	case authReq.ClientID == "":
		err = ErrClientInvalid
	}
	return authReq, err
}
// HandleTokenRequest 处理令牌请求 func (fs *FastServer) HandleTokenRequest(ctx *fasthttp.RequestCtx) (err error) { if !ctx.IsPost() { err = ErrRequestMethodInvalid return } gt := oauth2.GrantType(string(ctx.FormValue("grant_type"))) if gt == "" || !fs.checkGrantType(gt) { err = ErrGrantTypeInvalid return } var ti oauth2.TokenInfo clientID, clientSecret, err := fs.cfg.Handler.ClientFastHandler(ctx) if err != nil { return } tgr := &oauth2.TokenGenerateRequest{ ClientID: clientID, ClientSecret: clientSecret, } switch gt { case oauth2.AuthorizationCodeCredentials: tgr.RedirectURI = string(ctx.FormValue("redirect_uri")) tgr.Code = string(ctx.FormValue("code")) tgr.IsGenerateRefresh = true ti, err = fs.manager.GenerateAccessToken(oauth2.AuthorizationCodeCredentials, tgr) case oauth2.PasswordCredentials: userID, uerr := fs.cfg.Handler.UserHandler(string(ctx.FormValue("username")), string(ctx.FormValue("password"))) if uerr != nil { err = uerr return } tgr.UserID = userID tgr.Scope = string(ctx.FormValue("scope")) tgr.IsGenerateRefresh = true ti, err = fs.manager.GenerateAccessToken(oauth2.PasswordCredentials, tgr) case oauth2.ClientCredentials: tgr.Scope = string(ctx.FormValue("scope")) ti, err = fs.manager.GenerateAccessToken(oauth2.ClientCredentials, tgr) case oauth2.RefreshCredentials: tgr.Refresh = string(ctx.FormValue("refresh_token")) tgr.Scope = string(ctx.FormValue("scope")) if tgr.Scope != "" { // 检查授权范围 rti, rerr := fs.manager.LoadRefreshToken(tgr.Refresh) if rerr != nil { err = rerr return } else if rti.GetClientID() != tgr.ClientID { err = ErrRefreshInvalid return } else if verr := fs.cfg.Handler.ScopeHandler(tgr.Scope, rti.GetScope()); verr != nil { err = verr return } } ti, err = fs.manager.RefreshAccessToken(tgr) if err == nil { ti.SetRefresh("") } } if err != nil { return } err = fs.ResJSON(ctx, ti) return }