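// LoadAccess looks up the access row whose access_token equals code and
// rebuilds the osin.AccessData for it: the owning client, the authorize data
// it was issued from and, when the row names a previous access token, that
// token's data as well (loaded by a recursive call).
//
// A failed row read (for example when no row matches the token) is returned
// as an error. Errors from GetClient, LoadAuthorize and the recursive
// LoadAccess call are passed through unchanged. Expiry is not checked here.
func (s *Storage) LoadAccess(code string) (*osin.AccessData, error) {
	var (
		userData                            string
		cid, prevAccessToken, authorizeCode string
		result                              osin.AccessData
	)

	// The token travels as a bind parameter, never as part of the SQL text.
	row := s.db.QueryRow("SELECT client, authorize, previous, access_token, refresh_token, expires_in, scope, redirect_uri, created_at, extra FROM access WHERE access_token=$1 LIMIT 1", code)
	if err := row.Scan(&cid, &authorizeCode, &prevAccessToken, &result.AccessToken, &result.RefreshToken, &result.ExpiresIn, &result.Scope, &result.RedirectUri, &result.CreatedAt, &userData); err != nil {
		// The Scan error used to be overwritten by the GetClient call below, so
		// an unknown token went on to a client lookup with an empty id instead
		// of failing here.
		return nil, err
	}
	result.UserData = userData

	client, err := s.GetClient(cid)
	if err != nil {
		return nil, err
	}
	result.Client = client

	authorize, err := s.LoadAuthorize(authorizeCode)
	if err != nil {
		return nil, err
	}
	result.AuthorizeData = authorize

	if prevAccessToken != "" {
		// NOTE(review): the "previous" chain is followed with no depth limit;
		// confirm the code that writes these rows cannot create a cycle.
		prevAccess, err := s.LoadAccess(prevAccessToken)
		if err != nil {
			return nil, err
		}
		result.AccessData = prevAccess
	}

	return &result, nil
}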
// LoadAccess fetches the stored access record for token and converts it into
// an osin.AccessData with its client attached. AuthorizeData and the previous
// AccessData are not populated. An expired token is rejected with an error
// before the client or the refresh token is looked up.
func (s *OAuth2Storage) LoadAccess(token string) (*osin.AccessData, error) {
	record := new(OAuth2AccessData)
	lookupErr := Db().Model(OAuth2AccessData{}).Where(&OAuth2AccessData{AccessToken: token}).Scan(record)
	if lookupErr != nil {
		// Every lookup failure is reported as "not found"; the underlying
		// error is not passed on to the caller.
		return nil, errors.New("LoadAccess: AccessToken not found")
	}

	// Only the two fields that decide expiry are filled in before the check.
	access := osin.AccessData{
		CreatedAt: record.CreatedAt,
		ExpiresIn: int32(record.ExpiresIn),
	}
	if access.IsExpired() {
		return nil, errors.New("Access token expired")
	}

	client, err := s.GetClient(strconv.FormatUint(record.ClientID, 10))
	if err != nil {
		return nil, err
	}
	access.Client = client

	access.AccessToken = token
	access.Scope = record.Scope
	access.RedirectUri = record.RedirectURI
	access.UserData = record.UserID

	// A record without a linked refresh token is complete at this point.
	if !record.RefreshTokenID.Valid {
		return &access, nil
	}

	var refresh OAuth2RefreshToken
	if err := Db().First(&refresh, uint64(record.RefreshTokenID.Int64)); err != nil {
		return nil, err
	}
	access.RefreshToken = refresh.Token

	return &access, nil
}
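// createAccessData copies the stored record copyFrom into osinData and returns
// osinData. A nested previous record (copyFrom.AccessData) is converted first
// by a recursive call into a fresh osin.AccessData.
//
// The client and the authorize data are both looked up by copyFrom.UserData.
// The function has no error return, so a failed or empty lookup is replaced by
// an empty placeholder value rather than reported.
func (store *MongoStorage) createAccessData(copyFrom *AccessData, osinData *osin.AccessData) *osin.AccessData {
	if copyFrom.AccessData != nil {
		osinData.AccessData = store.createAccessData(copyFrom.AccessData, &osin.AccessData{})
	}

	osinData.AccessToken = copyFrom.AccessToken
	osinData.RefreshToken = copyFrom.RefreshToken
	osinData.ExpiresIn = copyFrom.ExpiresIn
	osinData.Scope = copyFrom.Scope
	osinData.RedirectUri = copyFrom.RedirectUri
	osinData.CreatedAt = copyFrom.CreatedAt
	osinData.UserData = copyFrom.UserData

	// NOTE(review): a lookup error is indistinguishable here from "no client";
	// confirm that callers reject a token whose client is the empty
	// DefaultClient instead of treating it as valid.
	client, err := store.GetClientWithUserData(copyFrom.UserData)
	if err != nil || client == nil {
		osinData.Client = &osin.DefaultClient{}
	} else {
		osinData.Client = client
	}

	// The original condition tested only err and client, so a nil authorizeData
	// returned without an error was stored as-is. The authorizeData check is
	// added; the client check is kept so existing results do not change.
	// NOTE(review): the client test looks like a copy of the branch above;
	// confirm whether it is intended here.
	authorizeData, err := store.GetAuthorizeDataWithUserData(copyFrom.UserData)
	if err != nil || client == nil || authorizeData == nil {
		osinData.AuthorizeData = &osin.AuthorizeData{}
	} else {
		osinData.AuthorizeData = authorizeData
	}

	return osinData
}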
// transfer builds a new osin.AccessData from the stored record old.
//
// The scalar fields and UserData are copied. Client is set to the address of
// old.Client, so the result shares that value with old. AuthorizeData and the
// previous AccessData are left at their zero values.
func (old *AccessData) transfer() *osin.AccessData {
	return &osin.AccessData{
		Client:       &old.Client,
		AccessToken:  old.AccessToken,
		RefreshToken: old.RefreshToken,
		ExpiresIn:    old.ExpiresIn,
		Scope:        old.Scope,
		RedirectUri:  old.RedirectUri,
		CreatedAt:    old.CreatedAt,
		UserData:     old.UserData,
	}
}
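// LoadAccess retrieves access data by token. Client information MUST be loaded together.
// AuthorizeData and AccessData DON'T NEED to be loaded if not easily available.
// Optionally can return error if expired.
//
// This implementation loads the client, the authorize data and, when the row
// names a previous access token, that token's data too (by a recursive call).
// It does not check expiry. A token with no matching row yields the error
// "not found".
func (s *Storage) LoadAccess(code string) (*osin.AccessData, error) {
	var extra, cid, prevAccessToken, authorizeCode string
	var result osin.AccessData

	// The token is bound as the named parameter :code, never concatenated
	// into the statement text.
	args := map[string]interface{}{
		"code": code,
	}

	nstmt, err := s.db.PrepareNamed("SELECT client, authorize, previous, access_token, refresh_token, expires_in, scope, redirect_uri, created_at, extra FROM access WHERE access_token=:code LIMIT 1")
	if err != nil {
		// The prepare error used to be ignored, leaving nstmt nil and the
		// QueryRowx call below to panic.
		return nil, err
	}
	// Release the prepared statement on every return path; it was never
	// closed before, so each lookup left one open.
	defer nstmt.Close()

	if err := nstmt.QueryRowx(args).Scan(
		&cid,
		&authorizeCode,
		&prevAccessToken,
		&result.AccessToken,
		&result.RefreshToken,
		&result.ExpiresIn,
		&result.Scope,
		&result.RedirectUri,
		&result.CreatedAt,
		&extra,
	); err == sql.ErrNoRows {
		return nil, errors.New("not found")
	} else if err != nil {
		return nil, errors.New(err)
	}
	result.UserData = extra

	client, err := s.GetClient(cid)
	if err != nil {
		return nil, err
	}
	result.Client = client

	authorize, err := s.LoadAuthorize(authorizeCode)
	if err != nil {
		return nil, err
	}
	result.AuthorizeData = authorize

	if prevAccessToken != "" {
		// NOTE(review): the "previous" chain is followed with no depth limit;
		// confirm the code that writes these rows cannot create a cycle.
		prevAccess, err := s.LoadAccess(prevAccessToken)
		if err != nil {
			return nil, err
		}
		result.AccessData = prevAccess
	}

	return &result, nil
}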
// LoadAccess returns the access data stored for the access token code.
//
// The row is read with the token as a bind parameter. The client, the
// authorize data and, when the row names one, the previous access token's data
// are then loaded and attached. An unknown token yields pkg.ErrNotFound.
// Expiry is not checked here.
func (s *Storage) LoadAccess(code string) (*osin.AccessData, error) {
	var (
		extra, cid, prevAccessToken, authorizeCode string
		result                                     osin.AccessData
	)

	row := s.db.QueryRow(
		"SELECT client, authorize, previous, access_token, refresh_token, expires_in, scope, redirect_uri, created_at, extra FROM access WHERE access_token=$1 LIMIT 1",
		code,
	)
	err := row.Scan(
		&cid,
		&authorizeCode,
		&prevAccessToken,
		&result.AccessToken,
		&result.RefreshToken,
		&result.ExpiresIn,
		&result.Scope,
		&result.RedirectUri,
		&result.CreatedAt,
		&extra,
	)
	switch {
	case err == sql.ErrNoRows:
		return nil, pkg.ErrNotFound
	case err != nil:
		return nil, errors.New(err)
	}
	result.UserData = extra

	client, err := s.GetClient(cid)
	if err != nil {
		return nil, err
	}
	result.Client = client

	authorize, err := s.LoadAuthorize(authorizeCode)
	if err != nil {
		return nil, err
	}
	result.AuthorizeData = authorize

	// No previous token recorded: the result is complete.
	if prevAccessToken == "" {
		return &result, nil
	}

	// The previous token is resolved by the same lookup, recursively.
	prevAccess, err := s.LoadAccess(prevAccessToken)
	if err != nil {
		return nil, err
	}
	result.AccessData = prevAccess

	return &result, nil
}
// SaveAccess writes AccessData. // If RefreshToken is not blank, it must save in a way that can be loaded using LoadRefresh. func (s *Storage) SaveAccess(d *osin.AccessData) error { data := &accessData{ ID: bson.NewObjectId(), ClientID: d.Client.GetUserData().(*Client).ID, AccessToken: d.AccessToken, RefreshToken: d.RefreshToken, Scope: d.Scope, RedirectUri: d.RedirectUri, CreatedAt: d.CreatedAt, ExpiresIn: d.ExpiresIn, } err := s.accessData.Insert(&data) if err != nil { return errgo.Mask(err) } d.UserData = data return nil }