Commit Graph

322 Commits

Author SHA1 Message Date
Burcu Dogan 442624c9ec oauth2: allow users to register broken OAuth2 implementations
Fixes golang/oauth2#111.

Change-Id: Iaea8adb038bcff91b4b468b1a3bdaa5c03d7e8e7
Reviewed-on: https://go-review.googlesource.com/16976
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-11-17 21:03:13 +00:00
Andrew Gerrand 2bf5e6e27a internal: add Salesforce to list of broken auth providers
Fix #163

Change-Id: Id2c5f34b9d5b6854d59dd8122fb3460d83352b5c
Reviewed-on: https://go-review.googlesource.com/16856
Reviewed-by: Christian Ohler <ohler@driveshift.com>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-11-16 23:58:02 +00:00
Andrew Gerrand 3314c49c83 internal: add microsoftonline.com to list of broken providers
Fixes #161

Change-Id: Iec1b95b766bf88c7c015cf3ff7496339d8b3e20f
Reviewed-on: https://go-review.googlesource.com/16753
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-11-09 22:44:55 +00:00
David Symonds d4780cd8b5 jws: fix base64Decode for strings of length 1 (mod 4).
Change-Id: I5369e4d5454de2cf041363af1328f69d526b17d4
Reviewed-on: https://go-review.googlesource.com/16750
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-11-09 05:46:33 +00:00
David Symonds e347d2238c jws: add EncodeWithSigner function.
This permits controlling the mechanism for signing the token;
for instance, one can use EncodeWithSigner in an App Engine app
to use the App Identity API to perform the signing (you don't have
direct access to the private key there).

An alternate would be to replace Encode with EncodeWithSigner,
and add a little wrapper type that turns a *rsa.PrivateKey into
a Signer. That's probably what I'd do if this were being written
from scratch, but I wasn't keen on breaking existing code.

Change-Id: Id48f5dfa15c179832e613268d4a4098b96648f9a
Reviewed-on: https://go-review.googlesource.com/16711
Reviewed-by: Burcu Dogan <jbd@google.com>
Run-TryBot: David Symonds <dsymonds@golang.org>
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-11-09 00:47:20 +00:00
Andrew Gerrand 038cb4adce all: change copyright to 'Go Authors'
Fixes golang/go#12354

Change-Id: Ie4bbe9445e2a840c9db830c9bd52a783b7a6f9bc
Reviewed-on: https://go-review.googlesource.com/13952
Reviewed-by: Russ Cox <rsc@golang.org>
2015-10-22 04:14:42 +00:00
John ShaggyTwoDope Jenkins ef4eca6b09 small typo fix in clientcredentials.go
Change-Id: If564daf4d164c27b2748b9c4c4ff274f3601184c
Reviewed-on: https://go-review.googlesource.com/15805
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-10-13 21:51:12 +00:00
Emmanuel Odeke 2fbf3d7329 token: extra numeric values + test TokenType case
+ Added tests for TokenType by checking case.
+ Added numeric conversion for float and integer like
  values from token.Extra.

Change-Id: I0909a4458ed58e33428afbf40478a668d150dda7
Reviewed-on: https://go-review.googlesource.com/15156
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-10-01 05:36:47 +00:00
Burcu Dogan 3cab960fb9 internal: add slack.com to the broken auth list
Change-Id: I491418962516c71ee61eba2a4bac76967c75a5da
Reviewed-on: https://go-review.googlesource.com/15049
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-09-28 18:31:21 +00:00
Andrew Gerrand c30abeebd1 internal: remove GitHub from the list of broken providers
See #155 for context

Change-Id: I91bd4186465e7489fd9d28f9f9dc2243218ba6ff
Reviewed-on: https://go-review.googlesource.com/14936
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-09-24 05:58:55 +00:00
Andrew Gerrand 166f7cf994 google: set expiry on JWTAccessTokenSource
Change-Id: Ib1ff6511ce38e17711486743601241285a34f164
Reviewed-on: https://go-review.googlesource.com/14934
Reviewed-by: Julien Boeuf <jboeuf@google.com>
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-09-24 05:27:11 +00:00
Emmanuel Odeke 82de3fe653 jwt: added missing format specifier
Updates golang/oauth#151

Change-Id: I2422dade4d72aa4fc33d9ad922508d2793e4ee27
Reviewed-on: https://go-review.googlesource.com/14779
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-09-22 02:43:36 +00:00
robnorman d5ff5ab876 jwt: allow setting a custom expiry time for JWT tokens
The current implementation of JWS/JWT in this package uses a fixed
1 hour expiry time for JWT tokens.

Some services do not accept such a long expiry time, e.g. Salesforce,
which defaults to a 5 minute expiry.
https://help.salesforce.com/HTViewHelpDoc?id=remoteaccess_oauth_jwt_flow.htm

This change adds an Expires time.Duration property to the jwt.Config
struct that, if set, will be used to calculate the jws.ClaimSet Exp property.
It allows a custom expiry to be set on a JWT token.

This change is backward compatible and will revert to previous behaviour if
the Expires property is not set.

Fixes golang/oauth2#151

Change-Id: I3159ac2a5711ef10389d83c0e290bfc7a9f54015
Reviewed-on: https://go-review.googlesource.com/14681
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-09-21 17:56:07 +00:00
Manu S Ajith 9ecad5029b bitbucket: add end points
Change-Id: I0dee5ae8d822ecf0bc873534fbbba5d0ec546c7b
Reviewed-on: https://go-review.googlesource.com/14664
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-09-17 03:41:47 +00:00
Chris Broadfoot 52dcf34690 google: Re-enable AppEngineTokenSource to be used from Managed VMs.
Fixes #152.

Change-Id: I757c011d3ac5dca8f80fb2119eda3adf8c178ca6
Reviewed-on: https://go-review.googlesource.com/14622
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-09-16 01:14:15 +00:00
Chris Broadfoot ad0128250e Remove use of appenginevm build tag.
Managed VM apps can use the net/http package directly, and can use the
metadata server instead of the appengine package to get Service Account
tokens.

Change-Id: Ifa30eea446ffe4a9121ce3401900f4b73ddf07db
Reviewed-on: https://go-review.googlesource.com/14125
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-09-02 21:49:11 +00:00
Andrew Gerrand 897d9734bb google: set token type on returned JWTAccessToken, tweak docs
Change-Id: Id83af8110c7c89ca5ffe793149230fa3f87a6baf
Reviewed-on: https://go-review.googlesource.com/14198
Reviewed-by: Dave Day <djd@golang.org>
2015-09-02 03:46:34 +00:00
Andrew Gerrand 397fe76494 google: add support for JWT Access Tokens
This is a new form of authentication for Google services, where instead
of passing a signed claim to obtain a token from the OAuth endpoint, you
present the signed claim *as* the token to the API endpoint.

Fixes #139.
Fixes #140.

Change-Id: Ibf0f168a0ec111660ac08b86121c943fb96e146c
Reviewed-on: https://go-review.googlesource.com/10667
Reviewed-by: David Symonds <dsymonds@golang.org>
Reviewed-by: Dave Day <djd@golang.org>
2015-08-13 22:40:26 +00:00
Lucien Stuker 8914e5017c oauth2: add api.netatmo.net to the broken providers
The auth on Netatmo api need ClientSecret in post request.

Like descripted in github issue at
https://github.com/golang/oauth2/issues/111

Change-Id: Ia85120d231e8a5c0ec851ddc3557bad26ecad41d
Reviewed-on: https://go-review.googlesource.com/11833
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-07-01 21:58:07 +00:00
Andrew Gerrand b5adcc2dcd doc: fix typo
Change-Id: I16b7afa3d3ffe8cda083e2189ec6e18e3c6038c0
Reviewed-on: https://go-review.googlesource.com/10444
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-05-27 20:54:32 +00:00
Andrew Etter 36ff901f7b oauth2: ensure case sensitivity for Bearer, MAC, and Basic in auth header
Fixes #113

Change-Id: Id2ba98809a536f1dc1fab5b30c49aeedd2fe4125
Reviewed-on: https://go-review.googlesource.com/9852
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-05-26 02:24:55 +00:00
Burcu Dogan f98d016087 oauth2: use the correct import path for urlfetch
Change-Id: Ie8654298c317f3465c225fad25660cdc5e2907cd
Reviewed-on: https://go-review.googlesource.com/9932
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-05-11 22:20:45 +00:00
Will Norris e296c42d12 oauth2: add StaticTokenSource to return static tokens
Fixes #120

Change-Id: I2ef0cbf87c7124b89a68b5db0080f916c630072d
Reviewed-on: https://go-review.googlesource.com/9895
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-05-11 20:37:49 +00:00
Daniel Kerwin 2159a45684 oauth2: add user.gini.net to the broken providers
Change-Id: I4fa586bec82309bad4dbb02ae6b722f9c19608f6
Reviewed-on: https://go-review.googlesource.com/9804
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-05-08 14:32:49 +00:00
Burcu Dogan ec6d5d770f oauth2: add test-sandbox.auth.corp.google.com to the broken providers
Change-Id: I1d2e1ea803283b5651a482445b9be60262b43c4e
Reviewed-on: https://go-review.googlesource.com/9343
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-04-27 20:39:21 +00:00
ttacon 23f31c341b oauth2: Add Box to the list of broken OAuth providers.
Change-Id: I85f44714ec0571dc0358aecdc1cde92dca954da0
Reviewed-on: https://go-review.googlesource.com/8830
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-04-21 00:15:29 +00:00
Aaron Torres a8c019d04a oauth2: add support for client credential grant type
Creates a new package called clientcredentials and
adds transport and token information to the internal
package. Also modifies the oauth2 package to make
use of the newly added files in the internal package.

The clientcredentials package allows for token requests
using a "client credentials" grant type.

Fixes https://github.com/golang/oauth2/issues/7

Change-Id: Iec649d1029870c27a2d1023baa9d52db42ff45e8
Reviewed-on: https://go-review.googlesource.com/2983
Reviewed-by: Burcu Dogan <jbd@google.com>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-04-18 00:13:27 +00:00
Burcu Dogan ce5ea7da93 oauth2: rename SetParam to SetAuthURLParam
SetParam is quite vague to represent an Option that sets the auth
URL query parameters. Renaming it for explicitness.

Fixes #108.

Change-Id: Ic9f0181097820ee83404c9432451d71658dd8c67
Reviewed-on: https://go-review.googlesource.com/8491
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-04-06 14:29:48 +00:00
Burcu Dogan d2a4aec992 oauth/google: fix the broken default credentials link
Change-Id: Iceb8f2fa393a1de4dbb0ab3b85ccee1da5c2b5b7
Reviewed-on: https://go-review.googlesource.com/8474
Reviewed-by: David Symonds <dsymonds@golang.org>
2015-04-05 01:25:05 +00:00
Brad Fitzpatrick c58fcf0ffc oauth2: fix test to work with Go tip also
json.UnmarshalError has a new field in Go 1.5. Adjust tests to cope.

Change-Id: I6733b2e14513794676e7329a828001f3f8c6c342
Reviewed-on: https://go-review.googlesource.com/8341
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-04-02 05:54:06 +00:00
Russell Haering 3046bc76d6 oauth2: allow callers to pass arbitrary auth URL parameters
Many OAuth 2.0 implementations support parameters beyond those supported
by this library. This change exports a SetParam function for
constructing arbitrary key/value parameters.

Change-Id: Ice4179e7c5341bbeac8a53e389b32d59415740fa
Reviewed-on: https://go-review.googlesource.com/8054
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-03-31 07:24:46 +00:00
Burcu Dogan 11c60b6f71 doc: fix the issues link
Fixes #103.

Change-Id: I4b2f871d7971575fc64d2110553aac42d42b4f7a
Reviewed-on: https://go-review.googlesource.com/8051
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-03-25 02:00:22 +00:00
Nikolay Turpitko ca8a464d23 oauth2: new endpoints
Added *.Endpoint constants for facebook, linkedin, odnoklassniki, paypal
and vk.

Related to issue #41.

Change-Id: Ib447ff773a540aa9bc932a0e18d9bb9ef8703f87
Reviewed-on: https://go-review.googlesource.com/7370
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-03-21 03:45:11 +00:00
Kun 40163b0293 oauth2: Add Strava to list of broken oauth2 endpoints
Fixes #101

Change-Id: I26b460dd0261c9599b2917ff97fa4f0c13218a3e
Reviewed-on: https://go-review.googlesource.com/7850
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-03-19 23:02:46 +00:00
Andrew Gerrand 798d582d94 google: implement application default credentials
Google is moving toward a default, language-agnostic way of obtaining
authentication credentials on App Engine and Compute Engine.
This change implements this mechanism.

Fixes #90.

Change-Id: Iaae4d60bbc75b1a9f2ec6ad14ab76fb2e279d756
Reviewed-on: https://go-review.googlesource.com/6074
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-03-19 05:52:14 +00:00
Andrew Gerrand e3a16b05d6 doc: add app engine docs to the readme
Change-Id: I71dc6930470ad64659a419dd578c91bb14c7cab2
Reviewed-on: https://go-review.googlesource.com/7713
Reviewed-by: David Symonds <dsymonds@golang.org>
2015-03-18 04:47:09 +00:00
Andrew Gerrand c4932a9b59 oauth2: clarify docs on Exchange (nil context isn't ok)
Fixes golang/oauth2#100

Change-Id: I28afb4f02b817ffd0ff91fb10bfca5306d2c21c6
Reviewed-on: https://go-review.googlesource.com/7615
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-03-16 02:10:04 +00:00
Kun 42633ef623 oauth2: Add TrainingPeaks to list of broken oauth2 endpoints
Fixes #97

Change-Id: I8c61214aeb5fdd049a4eddbf8e8a25b130c908b0
Reviewed-on: https://go-review.googlesource.com/7450
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-12 02:54:27 +00:00
Alex Bramley 7e88c64e80 oauth2: Add Pushbullet to set of broken providers.
https://api.pushbullet.com/ accepts client_secret as a POST body parameter
but not via HTTP basic auth, so it needs to be on this list. I have asked
them to fix it properly too :-)

Change-Id: Iff3cba20592c66d5a38755f47b05f1e992dfbad6
Reviewed-on: https://go-review.googlesource.com/7381
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-12 01:13:50 +00:00
Nikolay Turpitko 2167774341 oauth2: long if condition in providerAuthHeaderWorks replaced with loop
Long if condition replaced with loop.

Related to issue #41.

Change-Id: Ib5b88ce2ee2841e9b6c24d78f93bb027141bf678
Reviewed-on: https://go-review.googlesource.com/7290
Reviewed-by: Andrew Gerrand <adg@golang.org>
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-03-11 04:57:51 +00:00
Nikolay Turpitko 6d4eed4495 oauth2: fix expires_in for PayPal
PayPal returns "expires_in" token field as string, not integer.
So, current implementation cannot unmarshal json of tokenJSON due type mismatch.
This patch fixes the issue declaring field as interface{} in tokenJSON and performing type switch in "func (e *tokenJSON) expiry()".

Related to issue #41.

Change-Id: I69301e08c8a56fca049ca47906e32528cd22aef9
Reviewed-on: https://go-review.googlesource.com/6924
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-10 04:54:57 +00:00
Burcu Dogan 54a4310f85 oauth2/google: ConfigFromJSON should support the installed app credentials
client_credentials.json may contain credentials for the installed
applications. Populate the Config depending on what's available in
the JSON key.

Change-Id: I47f494f1c31967a920fe557a9e8c1c4652943c4e
Reviewed-on: https://go-review.googlesource.com/7250
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-10 02:48:34 +00:00
Burcu Dogan 5cccf1a7e7 oauth2: add a test that checks token reuse
Change-Id: I6bd9cadc489418708635ca55a21955b94203bede
Reviewed-on: https://go-review.googlesource.com/7240
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-09 23:38:39 +00:00
Nikolay Turpitko 10e6bf9f9d oauth2: provider list modified in providerAuthHeaderWorks
Added vk.com and odnoklassniki.ru to provider list in providerAuthHeaderWorks.

Related to issue #41.

Change-Id: If1374528e8f1200d22f8694c5e32cdeae6ebb6ea
Reviewed-on: https://go-review.googlesource.com/6925
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-08 22:43:19 +00:00
HuKeping 5a0a1b2881 oauth2: remove unnecessary ClientSecret check
Since the empty client secret is permitted by the OAuth 2.0 spec.
The check for clientSecret in retriveTokoen is unnecessary.

Redo #6740

Signed-off-by: Hu Keping <hukeping@huawei.com>

Change-Id: I9126c79a1f8b9d6051c213ee3f93c442a36ca65d
Reviewed-on: https://go-review.googlesource.com/6900
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-05 23:19:29 +00:00
Andrew Gerrand 96e89befdc oauth2: remove oauth2.Context type, simplify App Engine token code
You can now use the "google.golang.org/appengine" packages on both
Managed VMs and App Engine Classic(TM). The newer packages use the
context.Context instead of appengine.Context, so we no longer need the
oauth2.Context type.

Some clients will require code changes, replacing oauth2.Context or
appengine.Context with context.Context (imported from
the repository "golang.org/x/net/context").

Users of classic App Engine must switch to using the new
"google.golang.org/appengine" packages in order to use the oauth2
package.

Fixes #89

Change-Id: Ibaff3117117f9f7c5d1b3048a6e4086f62c18c3b
Reviewed-on: https://go-review.googlesource.com/6075
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-03-05 03:18:37 +00:00
Burcu Dogan a0fac97f6e oauth2/internal: provide better error messaging if key parse fails
Change-Id: I4ad794fbcb58fa16e4f2bf7e113cab2451deab25
Reviewed-on: https://go-review.googlesource.com/5423
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-02 02:51:04 +00:00
Andrew Gerrand 5738e56ec6 oauth2: drop pre-1.4 workaround
Change-Id: Icac33569b4937602b0aac46ec36cc85b5aa53877
Reviewed-on: https://go-review.googlesource.com/6071
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-02-26 04:22:16 +00:00
Ryan Lower 85a72d36ea oauth2: Add stripe connect to list of bad OAuth2 providers
Stripe connect only accepts client secret using via the
Authorization header using 'Bearer' as the method (not 'Basic').

Change-Id: I978d9ce2092fbad3c1a00fde21d689c8e57a3cf1
Reviewed-on: https://go-review.googlesource.com/5532
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-02-23 02:33:40 +00:00
Andrew Gerrand 36fb42e1e8 doc: add CONTRIBUTING.md
Change-Id: I6cb60270a3de13fd5b8e06ae9ecffc08d6b6d8d5
Reviewed-on: https://go-review.googlesource.com/5222
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-02-18 23:42:55 +00:00