Fixes bug documented in Issue #84 (https://github.com/golang/oauth2/issues/84#issuecomment-72711375).
During a refresh request, a new refresh token MAY be returned by the authorization server. When this occurs, tokenRefesher.Token() fails to capture the new refresh token leaving it with an invalid refresh token for future calls.
Change-Id: I33b18fdbb750549174865f75eddf85b9725cf281
Reviewed-on: https://go-review.googlesource.com/4151
Reviewed-by: Andrew Gerrand <adg@golang.org>
Adds support for the Resource Owner Password Credentials grant type, which
allows trusted clients to exchange user credentials for an access token
directly. This is generally a bad idea, but is extremely useful in some
situations, where an external redirect is undesirable or impossible.
See https://tools.ietf.org/html/rfc6749#section-4.3
Change-Id: I28efd77957bcf8e1174e93ba0c64a990b94eb839
Reviewed-on: https://go-review.googlesource.com/3862
Reviewed-by: Burcu Dogan <jbd@google.com>
TokenRefresher with that capitalization is not a symbol, and SetToken
doesn't occur anywhere in the package as far as I can tell.
Change-Id: If61f059ed8bb1ca21e27aa99669e542160747fe7
Reviewed-on: https://go-review.googlesource.com/3958
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
It avoids the late expiration due to the server time mismatch.
Change-Id: I126a76cff112fbeb92b71dd036195555b20e637b
Reviewed-on: https://go-review.googlesource.com/3307
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
This follows the change to the google.golang.org/appengine packages
to use the standard context.Context type throughout.
Change-Id: I91b456105ee29f2088c3646145ea0a940f8ffaf4
Reviewed-on: https://go-review.googlesource.com/3172
Reviewed-by: Burcu Dogan <jbd@google.com>
Reviewed-by: David Symonds <dsymonds@golang.org>
"appengine appenginevm" requires the Classic dependencies to
be go-getted. Our travis build doesn't have the right setup
to checkout the Classic App Engine package to the Travis
instance.
Change-Id: I13daa505be4c8ac209021c7e69a114f5eddd6d1e
Reviewed-on: https://go-review.googlesource.com/2982
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Travis build is still depending on the old build tag configuration
which is now invalid.
Change-Id: I9db75f5d65d5cd9b8f2350815f190ea93ed6d6d9
Reviewed-on: https://go-review.googlesource.com/2956
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Token caching is now done whenever you make a Client, and
ReuseTokenSource is exported from the oauth2 package and used by the
Google TokenSources (Compute and App Engine).
Token.Expired is now Token.Valid, and works on nil receivers.
Some other wording cleanups in the process.
All tests pass. App Engine should pass, but is untested.
Change-Id: Ibe1d2599ac3ccfe9b399b1672f74bb24cfc8d311
Reviewed-on: https://go-review.googlesource.com/2195
Reviewed-by: Burcu Dogan <jbd@google.com>
The comments already live in oauth2.go.
Change-Id: I103113fbc8138b242cb6f79052fdc6b29bf6f031
Reviewed-on: https://go-review.googlesource.com/2131
Reviewed-by: Andrew Gerrand <adg@golang.org>
Ticks have also been added around commands for style.
Change-Id: Ie2f1934503f73a106cc60d8f9e122dcee69bd000
Reviewed-on: https://go-review.googlesource.com/2130
Reviewed-by: Andrew Gerrand <adg@golang.org>
Also, change the target Go version to 1.4 and make the 'go get' command
only perform the download step (no building).
Change-Id: Iafa3c218d2418b2a2681ce2c03bd1ff833afb317
Reviewed-on: https://go-review.googlesource.com/1702
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Burcu Dogan <jbd@google.com>
Tests and examples aren't updated yet. The tree will be broken after this,
but nobody should be using this yet anyway.
Change-Id: I0004c738f40919ab46d107c71c011c510fbc748f
Reviewed-on: https://go-review.googlesource.com/1246
Reviewed-by: Burcu Dogan <jbd@google.com>
- Removed Flow, flow is a nothing but options.
- Renamed Cacher to Storer.
- Removed the setter from the Transport. Store should do the initial set.
Getter is not removed, because extra fields are available through
Transport.Token.Extra(). It's not pleasant to implement a custom Storer
implementation to read such values.
oauth2: Remove VMs from the AppEngine example title
Current build file doesn't build the subdirectories, therefore succeeds
without building the actual packages. We need to add the appengine
and appengine_internal manually to the GOPATH and enable the
appengine build again.
- Reduce the duplicate code by merging the flows and
determining the flow type by looking at the provided options.
- Options as a function type allows us to validate an individual
an option in its scope and makes it easier to compose the
built-in options with the third-party ones.
This change is for both App Engine and Managed VMs so that these apps can scale without running into the app_identity_service quota limit due to calling appengine.AccessToken too frequently. An added benefit of caching is that calls to Google APIs will be significantly sped up due to removing the round-trip calls to the api_identity_service.
Péter Surányi
Andrew Gerrand
Jim Cote
Paul Rosania
Aaron Jacobs
Burcu Dogan
Dave Day
Johan Euphrosine
Brad Fitzpatrick
Jay Weisskopf
Brad Fitzpatrick
Burcu Dogan
Mal Curtis
Glenn Lewis