// HandleAccess implements osinserver.AccessHandler func (h *AccessAuthenticator) HandleAccess(ar *osin.AccessRequest, w http.ResponseWriter) error { var ( info user.Info ok bool err error ) switch ar.Type { case osin.AUTHORIZATION_CODE, osin.REFRESH_TOKEN: // auth codes and refresh tokens are assumed allowed ok = true case osin.PASSWORD: info, ok, err = h.password.AuthenticatePassword(ar.Username, ar.Password) case osin.ASSERTION: info, ok, err = h.assertion.AuthenticateAssertion(ar.AssertionType, ar.Assertion) case osin.CLIENT_CREDENTIALS: info, ok, err = h.client.AuthenticateClient(ar.Client) default: glog.Warningf("Received unknown access token type: %s", ar.Type) } if err != nil { glog.V(4).Infof("Unable to authenticate %s: %v", ar.Type, err) return err } if ok { // Disable refresh_token generation ar.GenerateRefresh = false ar.Authorized = true if info != nil { ar.AccessData.UserData = info } } return nil }