auth
88:61a802849b51 Browse Files
Add refresh expiration and revoking tokens. Add a property to hold the expiration date for a refresh token. Add a TODO for a tokenStore method to revoke a token.
1.1 --- a/oauth2.go Sun Dec 07 03:40:25 2014 -0500 1.2 +++ b/oauth2.go Sat Dec 13 19:05:06 2014 -0500 1.3 @@ -399,13 +399,14 @@ 1.4 refresh = uuid.NewID().String() 1.5 } 1.6 token := Token{ 1.7 - AccessToken: uuid.NewID().String(), 1.8 - RefreshToken: refresh, 1.9 - Created: time.Now(), 1.10 - ExpiresIn: defaultTokenExpiration, 1.11 - TokenType: "bearer", 1.12 - Scope: scope, 1.13 - ProfileID: profileID, 1.14 + AccessToken: uuid.NewID().String(), 1.15 + RefreshToken: refresh, 1.16 + Created: time.Now(), 1.17 + ExpiresIn: defaultTokenExpiration, 1.18 + RefreshExpiresIn: defaultRefreshTokenExpiration, 1.19 + TokenType: "bearer", 1.20 + Scope: scope, 1.21 + ProfileID: profileID, 1.22 } 1.23 err := context.SaveToken(token) 1.24 if err != nil {
2.1 --- a/token.go Sun Dec 07 03:40:25 2014 -0500 2.2 +++ b/token.go Sat Dec 13 19:05:06 2014 -0500 2.3 @@ -8,7 +8,8 @@ 2.4 ) 2.5 2.6 const ( 2.7 - defaultTokenExpiration = 3600 // one hour 2.8 + defaultTokenExpiration = 3600 // one hour 2.9 + defaultRefreshTokenExpiration = 86400 // one day 2.10 ) 2.11 2.12 var ( 2.13 @@ -24,16 +25,20 @@ 2.14 // Token represents an access and/or refresh token that the Client can use to access user data 2.15 // or obtain a new access token. 2.16 type Token struct { 2.17 - AccessToken string 2.18 - RefreshToken string 2.19 - Created time.Time 2.20 - ExpiresIn int32 2.21 - TokenType string 2.22 - Scope string 2.23 - ProfileID uuid.ID 2.24 + AccessToken string 2.25 + RefreshToken string 2.26 + Created time.Time 2.27 + CreatedFrom string 2.28 + ExpiresIn int32 2.29 + RefreshExpiresIn int32 2.30 + TokenType string 2.31 + Scope string 2.32 + ProfileID uuid.ID 2.33 + Revoked bool 2.34 } 2.35 2.36 type tokenStore interface { 2.37 + // BUG(paddy): need to be able to revoke tokens and refresh tokens 2.38 getToken(token string, refresh bool) (Token, error) 2.39 saveToken(token Token) error 2.40 removeToken(token string) error