Commit Graph

228 Commits

Author SHA1 Message Date
HuKeping 5a0a1b2881 oauth2: remove unnecessary ClientSecret check
Since the empty client secret is permitted by the OAuth 2.0 spec.
The check for clientSecret in retriveTokoen is unnecessary.

Redo #6740

Signed-off-by: Hu Keping <hukeping@huawei.com>

Change-Id: I9126c79a1f8b9d6051c213ee3f93c442a36ca65d
Reviewed-on: https://go-review.googlesource.com/6900
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-05 23:19:29 +00:00
Andrew Gerrand 96e89befdc oauth2: remove oauth2.Context type, simplify App Engine token code
You can now use the "google.golang.org/appengine" packages on both
Managed VMs and App Engine Classic(TM). The newer packages use the
context.Context instead of appengine.Context, so we no longer need the
oauth2.Context type.

Some clients will require code changes, replacing oauth2.Context or
appengine.Context with context.Context (imported from
the repository "golang.org/x/net/context").

Users of classic App Engine must switch to using the new
"google.golang.org/appengine" packages in order to use the oauth2
package.

Fixes #89

Change-Id: Ibaff3117117f9f7c5d1b3048a6e4086f62c18c3b
Reviewed-on: https://go-review.googlesource.com/6075
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-03-05 03:18:37 +00:00
Burcu Dogan a0fac97f6e oauth2/internal: provide better error messaging if key parse fails
Change-Id: I4ad794fbcb58fa16e4f2bf7e113cab2451deab25
Reviewed-on: https://go-review.googlesource.com/5423
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-02 02:51:04 +00:00
Andrew Gerrand 5738e56ec6 oauth2: drop pre-1.4 workaround
Change-Id: Icac33569b4937602b0aac46ec36cc85b5aa53877
Reviewed-on: https://go-review.googlesource.com/6071
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-02-26 04:22:16 +00:00
Ryan Lower 85a72d36ea oauth2: Add stripe connect to list of bad OAuth2 providers
Stripe connect only accepts client secret using via the
Authorization header using 'Bearer' as the method (not 'Basic').

Change-Id: I978d9ce2092fbad3c1a00fde21d689c8e57a3cf1
Reviewed-on: https://go-review.googlesource.com/5532
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-02-23 02:33:40 +00:00
Andrew Gerrand 36fb42e1e8 doc: add CONTRIBUTING.md
Change-Id: I6cb60270a3de13fd5b8e06ae9ecffc08d6b6d8d5
Reviewed-on: https://go-review.googlesource.com/5222
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-02-18 23:42:55 +00:00
James Sweet 35468a7526 Adds twitch.tv to the list of known OAuth2 providers that do not implement the spec fully.
Change-Id: I4db53ae2d039de3ddf9cb84e4211d2e0c4f6c41f
Reviewed-on: https://go-review.googlesource.com/5180
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-02-18 19:43:35 +00:00
Burcu Dogan 407aee3975 oauth2/google: add client_credentials.json Config constructor
Change-Id: I27969a381784f83db7cc8287f65f4ba6a1d972bb
Reviewed-on: https://go-review.googlesource.com/4968
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-02-17 23:11:05 +00:00
Yuki Yugui Sonoda 721c86aedb oauth2/google: fix decode error in Cloud SDK config
google.NewCloudSDK fails to decode credentials file if it contains
service account.
NOTE: the private key in testdata is generated only for this test.

Fixes #86 (https://github.com/golang/oauth2/issues/86).

Change-Id: I9e9e8e10763723d1bf1f953b491aa6e6f3ee760c
Reviewed-on: https://go-review.googlesource.com/4220
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-02-12 05:35:05 +00:00
Dave Day d838a7d6be oauth2/google: simplify the mechanism for overriding gcloud config location
Change-Id: I360fac6b13d11dda221beaa6b46ff386adfc2ec8
Reviewed-on: https://go-review.googlesource.com/4670
Reviewed-by: David Symonds <dsymonds@golang.org>
Run-TryBot: David Symonds <dsymonds@golang.org>
2015-02-12 04:54:22 +00:00
Burcu Dogan 864eccb6a0 oauth2: remove stale comment
Change-Id: If9fba85ac8b20545cee54cafe1c7672880acf498
Reviewed-on: https://go-review.googlesource.com/4391
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-02-10 15:57:03 +00:00
Péter Surányi b0e7ac8c3a oauth2: Context godoc typo fix
Change-Id: I9fbc394a6545754621e808f5d6c4f7622248eaa2
Reviewed-on: https://go-review.googlesource.com/4163
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-02-08 18:20:03 +00:00
Andrew Gerrand 1406aeefb0 oauth2: clarify comment about tokenRefresher's thread safety
Change-Id: I9a3faedb8faf7701be7c82c7fff964b56d7c96c8
Reviewed-on: https://go-review.googlesource.com/4116
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-02-07 21:36:27 +00:00
Jim Cote cc2494a288 oauth2: fixes tokenRefresher.Token() ignores new refresh_token
Fixes bug documented in Issue #84 (https://github.com/golang/oauth2/issues/84#issuecomment-72711375).

During a refresh request, a new refresh token MAY be returned by the authorization server.  When this occurs, tokenRefesher.Token() fails to capture the new refresh token leaving it with an invalid refresh token for future calls.

Change-Id: I33b18fdbb750549174865f75eddf85b9725cf281
Reviewed-on: https://go-review.googlesource.com/4151
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-02-07 21:11:15 +00:00
Paul Rosania 6f28996586 oauth2: Resource Owner Password Credentials grant
Adds support for the Resource Owner Password Credentials grant type, which
allows trusted clients to exchange user credentials for an access token
directly. This is generally a bad idea, but is extremely useful in some
situations, where an external redirect is undesirable or impossible.

See https://tools.ietf.org/html/rfc6749#section-4.3

Change-Id: I28efd77957bcf8e1174e93ba0c64a990b94eb839
Reviewed-on: https://go-review.googlesource.com/3862
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-02-06 10:06:27 +00:00
Aaron Jacobs 7b840c3264 oauth2: Remove what appears to be an out of date comment.
TokenRefresher with that capitalization is not a symbol, and SetToken
doesn't occur anywhere in the package as far as I can tell.

Change-Id: If61f059ed8bb1ca21e27aa99669e542160747fe7
Reviewed-on: https://go-review.googlesource.com/3958
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-02-05 23:49:51 +00:00
Aaron Jacobs 53c5ae1b31 oauth2: Fix some redundant wording in the docs for AccessTypeOnline.
Change-Id: I124553bd38b229e409e152cf364d55c847b70ba4
Reviewed-on: https://go-review.googlesource.com/3950
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-02-05 16:18:09 +00:00
Andrew Gerrand 27daa780a8 oauth2: add googleapis.com to list of broken oauth2 endpoints
Fixes #85

Change-Id: Ic60eee227763ab4041248716880416056c850f95
Reviewed-on: https://go-review.googlesource.com/3873
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-02-04 14:04:51 +00:00
Burcu Dogan 2b74ab268d oauth2: expire the tokens 10 seconds earlier
It avoids the late expiration due to the server time mismatch.

Change-Id: I126a76cff112fbeb92b71dd036195555b20e637b
Reviewed-on: https://go-review.googlesource.com/3307
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-01-26 21:59:20 +00:00
Dave Day d8ba9d6c17 google/appengine: change managed VMs context to context.Context
This follows the change to the google.golang.org/appengine packages
to use the standard context.Context type throughout.

Change-Id: I91b456105ee29f2088c3646145ea0a940f8ffaf4
Reviewed-on: https://go-review.googlesource.com/3172
Reviewed-by: Burcu Dogan <jbd@google.com>
Reviewed-by: David Symonds <dsymonds@golang.org>
2015-01-22 23:37:40 +00:00
Burcu Dogan 267028f9bc oauth2/internal: fix the broken ini parsing test
Change-Id: I1032b759e036f57bc49eec951d08d8b22728c1a0
Reviewed-on: https://go-review.googlesource.com/3117
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-01-21 19:53:08 +00:00
Johan Euphrosine ab6e11b96c oauth2/google: add config type to use Cloud SDK credentials
Change-Id: Ied7fecc0cb155c33faca7766b81221eacb3aa0c0
Reviewed-on: https://go-review.googlesource.com/1670
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-01-21 19:13:56 +00:00
Burcu Dogan 95a9f97e51 oauth2: don't require the appengine package during go-get
"appengine appenginevm" requires the Classic dependencies to
be go-getted. Our travis build doesn't have the right setup
to checkout the Classic App Engine package to the Travis
instance.

Change-Id: I13daa505be4c8ac209021c7e69a114f5eddd6d1e
Reviewed-on: https://go-review.googlesource.com/2982
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-01-17 18:51:33 +00:00
Burcu Dogan b4b040c683 oauth2: fix the build
Travis build is still depending on the old build tag configuration
which is now invalid.

Change-Id: I9db75f5d65d5cd9b8f2350815f190ea93ed6d6d9
Reviewed-on: https://go-review.googlesource.com/2956
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-01-16 21:06:43 +00:00
Burcu Dogan 3e0a89646b oauth2/google: exclude the App Engine implementations if not on an AE app
Change-Id: If44bb4498975495301b85e2cf44f73d3373ab16c
Reviewed-on: https://go-review.googlesource.com/2980
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-01-16 20:45:34 +00:00
Brad Fitzpatrick 2e66694fea oauth2/google: remove unused context parameter from JWTConfigFromJSON
Change-Id: I392ecf76b68f51840a9e4a27596e9ff3724d9128
Reviewed-on: https://go-review.googlesource.com/2732
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-01-13 23:34:08 +00:00
Brad Fitzpatrick 5361962df4 oauth2/google: use the metadata package, cleanups
Verified it compiles on Go 1.2 now too.

Fixes golang/oauth2#70

Change-Id: I099a86676d2464b3840f1798bbca914a202eb195
Reviewed-on: https://go-review.googlesource.com/2372
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-01-06 20:06:52 +00:00
Burcu Dogan 685f9f8718 oauth2: Token.Extra should be type agnostic
Change-Id: Ic8496d10de47181f6b9c16360b5101c6314d71ee
Reviewed-on: https://go-review.googlesource.com/1653
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-01-02 19:45:10 +00:00
Brad Fitzpatrick ed997606a9 oauth2, oauth2/jwt: break JWT off into its own package
Change-Id: Iaaa36728f87744e0d9609674f0d0ad96e6ac80b4
Reviewed-on: https://go-review.googlesource.com/2198
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-01-02 18:35:08 +00:00
Brad Fitzpatrick dfb470cc49 oauth2: fix typo in Token docs and clarify mutability of Token
Change-Id: I1093cffbd4b6fe25cd5b7cfb31e820b15fcfa41f
Reviewed-on: https://go-review.googlesource.com/2197
Reviewed-by: Burcu Dogan <jbd@google.com>
2014-12-31 03:26:08 +00:00
Brad Fitzpatrick a379e41d44 oauth2, oauth2/google: add, use ReuseTokenSource
Token caching is now done whenever you make a Client, and
ReuseTokenSource is exported from the oauth2 package and used by the
Google TokenSources (Compute and App Engine).

Token.Expired is now Token.Valid, and works on nil receivers.

Some other wording cleanups in the process.

All tests pass. App Engine should pass, but is untested.

Change-Id: Ibe1d2599ac3ccfe9b399b1672f74bb24cfc8d311
Reviewed-on: https://go-review.googlesource.com/2195
Reviewed-by: Burcu Dogan <jbd@google.com>
2014-12-30 22:27:30 +00:00
Jay Weisskopf e5909d4679 oauth2: remove duplicate package doc and import comments
The comments already live in oauth2.go.

Change-Id: I103113fbc8138b242cb6f79052fdc6b29bf6f031
Reviewed-on: https://go-review.googlesource.com/2131
Reviewed-by: Andrew Gerrand <adg@golang.org>
2014-12-28 23:09:48 +00:00
Jay Weisskopf 158e906f14 oauth2: update "review" to "codereview" in CONTRIBUTING
Ticks have also been added around commands for style.

Change-Id: Ie2f1934503f73a106cc60d8f9e122dcee69bd000
Reviewed-on: https://go-review.googlesource.com/2130
Reviewed-by: Andrew Gerrand <adg@golang.org>
2014-12-28 23:09:26 +00:00
Burcu Dogan 0a3f39965a oauth2: fix the broken appengine build
Change-Id: I7d1af87be35d9e3bd3d0b5dcd659d07cde873b56
Reviewed-on: https://go-review.googlesource.com/1925
Reviewed-by: Andrew Gerrand <adg@golang.org>
2014-12-21 23:30:00 +00:00
Brad Fitzpatrick 78bedfddc3 oauth2: support CancelRequest when Transport.Base is nil
Fixes #54

Change-Id: If00d0ce8e1c0cf32a4b7dba5506187b9012940bc
Reviewed-on: https://go-review.googlesource.com/1879
Reviewed-by: Burcu Dogan <jbd@google.com>
2014-12-21 05:42:19 +00:00
Brad Fitzpatrick f5b40b26f1 oauth2: use a JSON struct types instead of empty interface maps
Change-Id: Ifd66ea35c15dbd14acca0c945b533ec755de12e4
Reviewed-on: https://go-review.googlesource.com/1872
Reviewed-by: Burcu Dogan <jbd@google.com>
2014-12-20 06:52:21 +00:00
Brad Fitzpatrick 9abe144dd5 oauth2: move Token into its own file (no code changes)
Change-Id: I5248f48cc1af68a0f78a8ddf7e28b91a729f5460
Reviewed-on: https://go-review.googlesource.com/1870
Reviewed-by: David Symonds <dsymonds@golang.org>
2014-12-19 04:29:46 +00:00
Burcu Dogan 289b5d10a0 oauth2: handle token expiry for JWT
Change-Id: I84b4c282ef00e87d13a9b16fdcebd97ea5ed4f4e
Reviewed-on: https://go-review.googlesource.com/1650
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2014-12-18 22:13:51 +00:00
Burcu Dogan 13407478f7 oauth2/google: better instructions for the PKCS12 to PEM conversion
Change-Id: Ibcbde1e0131e0a1f90f66978d9b9a7f3aa3dceb6
Reviewed-on: https://go-review.googlesource.com/1660
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2014-12-17 00:34:13 +00:00
Dave Day 928c2dd7dc oauth2: make sure travis runs at the target commit, not head
Also, change the target Go version to 1.4 and make the 'go get' command
only perform the download step (no building).

Change-Id: Iafa3c218d2418b2a2681ce2c03bd1ff833afb317
Reviewed-on: https://go-review.googlesource.com/1702
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Burcu Dogan <jbd@google.com>
2014-12-17 00:27:35 +00:00
Burcu Dogan 7512128337 oauth2/jws: minor readability improvements
Change-Id: I8bcf0bc88b3db49ac281531524e792e8547e1e07
Reviewed-on: https://go-review.googlesource.com/1671
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2014-12-17 00:04:31 +00:00
Dave Day 7bbf2199a5 oauth2: add func NewClient as per issue #66
Change-Id: Icfae8530e725f2f31774e395319e6e6db330262a
Reviewed-on: https://go-review.googlesource.com/1701
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2014-12-17 00:04:06 +00:00
Burcu Dogan 79dad4e0f4 oauth2: add CONTRIBUTING
Change-Id: I8775dc83b8fda3954032921f120eab223d1551b4
Reviewed-on: https://go-review.googlesource.com/1651
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2014-12-17 00:02:23 +00:00
Johan Euphrosine a360c4ed80 oauth2: fix typo
Change-Id: Ic39a63c50a042ab836bbc496db9aea7fb52870d2
Reviewed-on: https://go-review.googlesource.com/1652
Reviewed-by: Burcu Dogan <jbd@google.com>
2014-12-16 18:11:04 +00:00
Brad Fitzpatrick 1679411e42 github: new package with Github's Endpoint
Change-Id: I4a64493f521678570a89d5da76604c258fb9ceac
Reviewed-on: https://go-review.googlesource.com/1631
Reviewed-by: Andrew Gerrand <adg@golang.org>
2014-12-16 06:37:13 +00:00
Burcu Dogan 9b6b7610ad oauth2: rewrite google package, fix the broken build
Change-Id: I2753a88d7be483bdbc0cac09a1beccc4806ea4bc
Reviewed-on: https://go-review.googlesource.com/1361
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Andrew Gerrand <adg@golang.org>
2014-12-16 06:20:58 +00:00
Brad Fitzpatrick a568078818 oauth2: redesign the API
Tests and examples aren't updated yet. The tree will be broken after this,
but nobody should be using this yet anyway.

Change-Id: I0004c738f40919ab46d107c71c011c510fbc748f
Reviewed-on: https://go-review.googlesource.com/1246
Reviewed-by: Burcu Dogan <jbd@google.com>
2014-12-16 06:20:49 +00:00
Burcu Dogan b3f9a68f05 oauth2: fix lint errors
Change-Id: I9cc4c61767be5e6eda189468430e9a89fe2f3796
2014-12-01 18:03:32 -08:00
Andrew Gerrand 3ec35f1969 Merge branch 'master' of https://github.com/golang/oauth2 2014-11-28 10:17:23 +11:00
Burcu Dogan e750a2fd5a oauth2: add vanity URL import comments, use the vanity URL on builds
Change-Id: Ia20e40d98aa709e3d598388e0a15501584152ab5
2014-11-26 11:47:34 -08:00