// Token refreshes the token by using a new client credentials request.
// tokens received this way do not include a refresh token
// Token returns a token or an error.
// Token must be safe for concurrent use by multiple goroutines.
// The returned Token must not be modified.
func (c *tokenSource) Token() (*oauth2.Token, error) {
config := oauth2.Config{
ClientID: c.conf.ClientID,
ClientSecret: c.conf.ClientSecret,
Endpoint: c.conf.Endpoint,
Scopes: c.conf.Scopes,
}
return config.PasswordCredentialsToken(c.ctx, c.conf.Username, c.conf.Password)
}
// TokenForConfigAndCredentials will return a token using the passed-in config
// and credentials, and an optional context. This is likely to be used if you
// need to obtain a token, but will be arranging your own transport. Otherwise,
// you probably want the http.Client that PasswordAuthenticatedClientFromConfig
// can give you.
func TokenForConfigAndCredentials(conf *oauth2.Config, username, password string, ctx context.Context) (*oauth2.Token, error) {
if ctx == nil {
ctx = context.Background()
}
token, err := conf.PasswordCredentialsToken(ctx, username, password)
if err != nil {
return nil, err
}
return token, nil
}
// Authenticate using OAuth2 password credentials
func ExamplePasswordCredentials() {
apiUrl := "https://api.gb1.brightbox.com"
// Brightbox username and password
userName := "******"
password := "******"
// Users can have multiple accounts, so you need to specify which one
accountId := "acc-h3nbk"
// These OAuth2 application credentials are public, distributed with the
// cli.
applicationId := "app-12345"
applicationSecret := "mocbuipbiaa6k6c"
// Setup OAuth2 authentication.
conf := oauth2.Config{
ClientID: applicationId,
ClientSecret: applicationSecret,
Endpoint: oauth2.Endpoint{
TokenURL: apiUrl + "/token",
},
}
token, err := conf.PasswordCredentialsToken(oauth2.NoContext, userName, password)
if err != nil {
fmt.Println(err)
}
oc := conf.Client(oauth2.NoContext, token)
// Setup connection to API
client, err := brightbox.NewClient(apiUrl, accountId, oc)
if err != nil {
fmt.Println(err)
return
}
// Get a list of servers
servers, err := client.Servers()
if err != nil {
fmt.Println(err)
return
}
for _, server := range servers {
fmt.Printf("id:%s name:%s\n", server.Id, server.Name)
}
}
func (authd *authdetails) tokenisedAuth() (*brightbox.Client, error) {
conf := oauth2.Config{
ClientID: authd.APIClient,
ClientSecret: authd.APISecret,
Scopes: infrastructureScope,
Endpoint: oauth2.Endpoint{
TokenURL: authd.tokenURL(),
},
}
if authd.currentToken == nil {
token, err := conf.PasswordCredentialsToken(oauth2.NoContext, authd.UserName, authd.password)
if err != nil {
return nil, err
}
authd.currentToken = token
}
oauthConnection := conf.Client(oauth2.NoContext, authd.currentToken)
return brightbox.NewClient(authd.APIURL, authd.Account, oauthConnection)
}
func (authd *authdetails) tokenisedAuth() (*brightbox.Client, error) {
conf := oauth2.Config{
ClientID: authd.APIClient,
ClientSecret: authd.APISecret,
Scopes: infrastructureScope,
Endpoint: oauth2.Endpoint{
TokenURL: authd.tokenURL(),
},
}
if authd.currentToken == nil {
log.Printf("[DEBUG] Obtaining authentication for user %s", authd.UserName)
token, err := conf.PasswordCredentialsToken(oauth2.NoContext, authd.UserName, authd.password)
if err != nil {
return nil, err
}
authd.currentToken = token
}
log.Printf("[DEBUG] Refreshing current token if required")
oauthConnection := conf.Client(oauth2.NoContext, authd.currentToken)
return brightbox.NewClient(authd.APIURL, authd.Account, oauthConnection)
}
