Commit Graph

26 Commits

Author SHA1 Message Date
Burcu Dogan 5cccf1a7e7 oauth2: add a test that checks token reuse
Change-Id: I6bd9cadc489418708635ca55a21955b94203bede
Reviewed-on: https://go-review.googlesource.com/7240
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-09 23:38:39 +00:00
Jim Cote cc2494a288 oauth2: fixes tokenRefresher.Token() ignores new refresh_token
Fixes bug documented in Issue #84 (https://github.com/golang/oauth2/issues/84#issuecomment-72711375).

During a refresh request, a new refresh token MAY be returned by the authorization server.  When this occurs, tokenRefesher.Token() fails to capture the new refresh token leaving it with an invalid refresh token for future calls.

Change-Id: I33b18fdbb750549174865f75eddf85b9725cf281
Reviewed-on: https://go-review.googlesource.com/4151
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-02-07 21:11:15 +00:00
Paul Rosania 6f28996586 oauth2: Resource Owner Password Credentials grant
Adds support for the Resource Owner Password Credentials grant type, which
allows trusted clients to exchange user credentials for an access token
directly. This is generally a bad idea, but is extremely useful in some
situations, where an external redirect is undesirable or impossible.

See https://tools.ietf.org/html/rfc6749#section-4.3

Change-Id: I28efd77957bcf8e1174e93ba0c64a990b94eb839
Reviewed-on: https://go-review.googlesource.com/3862
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-02-06 10:06:27 +00:00
Brad Fitzpatrick a379e41d44 oauth2, oauth2/google: add, use ReuseTokenSource
Token caching is now done whenever you make a Client, and
ReuseTokenSource is exported from the oauth2 package and used by the
Google TokenSources (Compute and App Engine).

Token.Expired is now Token.Valid, and works on nil receivers.

Some other wording cleanups in the process.

All tests pass. App Engine should pass, but is untested.

Change-Id: Ibe1d2599ac3ccfe9b399b1672f74bb24cfc8d311
Reviewed-on: https://go-review.googlesource.com/2195
Reviewed-by: Burcu Dogan <jbd@google.com>
2014-12-30 22:27:30 +00:00
Brad Fitzpatrick f5b40b26f1 oauth2: use a JSON struct types instead of empty interface maps
Change-Id: Ifd66ea35c15dbd14acca0c945b533ec755de12e4
Reviewed-on: https://go-review.googlesource.com/1872
Reviewed-by: Burcu Dogan <jbd@google.com>
2014-12-20 06:52:21 +00:00
Burcu Dogan 9b6b7610ad oauth2: rewrite google package, fix the broken build
Change-Id: I2753a88d7be483bdbc0cac09a1beccc4806ea4bc
Reviewed-on: https://go-review.googlesource.com/1361
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Andrew Gerrand <adg@golang.org>
2014-12-16 06:20:58 +00:00
Burcu Dogan 5fd31d511c Merge pull request #50 from snikch/fix-json-expiry
Handle expiry correctly in json response
2014-11-25 19:48:01 -08:00
Burcu Dogan b846388564 oauth2: Removing the inconsistent and duplicate features, better naming
- Removed Flow, flow is a nothing but options.
- Renamed Cacher to Storer.
- Removed the setter from the Transport. Store should do the initial set.
  Getter is not removed, because extra fields are available through
  Transport.Token.Extra(). It's not pleasant to implement a custom Storer
  implementation to read such values.

oauth2: Remove VMs from the AppEngine example title
2014-11-25 14:36:49 -08:00
Mal Curtis 778494f9ec Handle expiry correctly in json response
Go treats json numbers as float64 not int. Previously json response
expiry information was ignored since it was expected to be an int.
2014-11-21 13:07:44 +13:00
Burcu Dogan c048af9da2 Add Cacher interface. 2014-11-13 15:41:14 +11:00
Burcu Dogan 0cf6f9b144 Introduce an option function type
- Reduce the duplicate code by merging the flows and
determining the flow type by looking at the provided options.
- Options as a function type allows us to validate an individual
an option in its scope and makes it easier to compose the
built-in options with the third-party ones.
2014-11-08 09:46:26 +11:00
Burcu Dogan 0ae3d4edc9 Allow users to get extra fields from a token response. 2014-10-27 20:01:11 -07:00
JT Olds 8551f9eee2 some pr review fixes 2014-09-06 19:03:51 -06:00
JT Olds e68820a209 fix token exchange 2014-09-06 17:39:43 -06:00
Burcu Dogan 97a89b3be5 Access type and approval prompt should be set at URL generation. 2014-09-04 23:30:06 -07:00
Burcu Dogan bb8496880f Don't assume optional fields are required and use Basic Auth if available.
See https://github.com/golang/oauth2/issues/33
2014-09-04 13:28:18 -07:00
Burcu Dogan de4c4313f9 Adding required client_secret credential. 2014-08-13 13:59:53 -07:00
Burcu Dogan 4c579cbd0d Export exchange.
Allows users to exchange and retrieve a token
without initialising a Transport.
2014-08-11 00:27:43 -07:00
Burcu Dogan 70bd497612 Fail during conf init if auth or token URL is not valid. 2014-07-20 16:56:38 -07:00
Burcu Dogan 0f597d5ad4 oauth2: don't use http.DefaultTransport.
http.DefaultTransport is not available on App Engine.
2014-07-11 10:57:28 -07:00
Johan Euphrosine 93ad3f4a9e remove cache 2014-07-08 22:27:34 -07:00
Burcu Dogan abc4bcd940 Reverting the license back to the original. 2014-05-17 17:26:57 +02:00
Burcu Dogan d7c8bcd0d0 oauth2: adding license. 2014-05-13 21:06:46 +03:00
Burcu Dogan 1b3c225070 oauth2: removing unnecessary interface definitions. 2014-05-10 14:43:21 +03:00
Burcu Dogan 1e1d5bfc0f oauth2: fixing broken test. 2014-05-10 13:50:23 +03:00
Burcu Dogan c32debaa6f Initial commit 2014-05-09 23:05:13 +02:00