auth

Paddy 2015-01-18 Parent:118a69954621 Child:eb9842ae3ff1

121:823517aad893 Browse Files

Implement client_credentials grant. Implement granting an access token (ProfileID set to nil) for a client based on client credentials.

client.go oauth2.go

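--- a/client.go	Sun Jan 18 02:14:08 2015 -0500
+++ b/client.go	Sun Jan 18 02:14:41 2015 -0500
@@ -17,6 +17,15 @@
 	"code.secondbit.org/uuid.hg"
 )
 
+func init() {
+	RegisterGrantType("client_credentials", GrantType{
+		Validate:      clientCredentialsValidate,
+		Invalidate:    nil,
+		IssuesRefresh: true,
+		ReturnToken:   RenderJSONToken,
+	})
+}
+
 var (
 	// ErrNoClientStore is returned when a Context tries to act on a clientStore without setting one first.
 	ErrNoClientStore = errors.New("no clientStore was specified for the Context")
@@ -452,3 +461,13 @@
 	}
 	encode(w, r, http.StatusCreated, resp)
 }
+
+func clientCredentialsValidate(w http.ResponseWriter, r *http.Request, context Context) (scope string, profileID uuid.ID, valid bool) {
+	scope = r.PostFormValue("scope")
+	_, success := verifyClient(w, r, true, context)
+	if !success {
+		return
+	}
+	valid = true
+	return
+}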
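Review bot: `IssuesRefresh: true` in the `init` registration gives the client_credentials grant a refresh token, which RFC 6749 section 4.4.3 says should not be included. The client can simply present its credentials again, and a refresh token would presumably stay usable after the client secret is rotated or revoked. Suggest `IssuesRefresh: false, // RFC 6749 4.4.3: no refresh token for client_credentials`. Separately, `clientCredentialsValidate` returns `r.PostFormValue("scope")` unchanged, so unless the caller (not visible in this diff) restricts it, a client receives whatever scope it names; either check it against the scopes allowed for the authenticated client here or document that the caller does. A doc comment such as `// clientCredentialsValidate authenticates the client and returns the requested scope with a nil profileID.` would also make the nil-profile contract explicit.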
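--- a/oauth2.go	Sun Jan 18 02:14:08 2015 -0500
+++ b/oauth2.go	Sun Jan 18 02:14:41 2015 -0500
@@ -360,6 +360,5 @@
 	}
 }
 
-// TODO(paddy): exchange client credentials for access token
 // TODO(paddy): implicit grant for access token
 // TODO(paddy): exchange refresh token for access token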