auth

Paddy 2015-01-18 Parent:0a1e16b9c141 Child:dcd2125c4f57

124:d14f0a81498c Go to Latest

auth/token.go

Fill out token.CreatedFrom. Add a GrantType.AuditString() string method that will return a string for an audit log. Basically, it returns enough information to identify how the token got created. For client credentials, that's just the string "client_credentials". For user credentials, that's just the string "credentials". For auth codes, that's "authcode:", followed by the code used. For refresh tokens, that's "refresh_token:", followed by the refresh token used.

Download raw file
View source Diff to previous Annotate
History 
     1.1 --- a/token.go	Sun Jan 18 04:54:02 2015 -0500
     1.2 +++ b/token.go	Sun Jan 18 05:03:17 2015 -0500
     1.3 @@ -21,6 +21,7 @@
     1.4  		Invalidate:    refreshTokenInvalidate,
     1.5  		IssuesRefresh: true,
     1.6  		ReturnToken:   RenderJSONToken,
     1.7 +		AuditString:   refreshTokenAuditString,
     1.8  	})
     1.9  }
    1.10  
    1.11 @@ -215,3 +216,7 @@
    1.12  	}
    1.13  	return context.RevokeToken(refresh, true)
    1.14  }
    1.15 +
    1.16 +func refreshTokenAuditString(r *http.Request) string {
    1.17 +	return "refresh_token:" + r.PostFormValue("refresh_token")
    1.18 +}