Commit Graph

339 Commits

Author SHA1 Message Date
Jeremy b8828f76cb adds support for the nokia health mate api 2018-08-20 15:23:30 -05:00
Peter Hoyes f720f1faee Correct box.com API domain, which still doesn't support Authorization header
Box.com OAuth authorization fails stating "invalid client credentials". Correct API domain is "api.box.com" (source: https://developer.box.com/reference#token)

Change-Id: Icecd02017c44140c85186fcc3cd673cd1e24ecf0
GitHub-Last-Rev: b568688a5a
GitHub-Pull-Request: golang/oauth2#313
Reviewed-on: https://go-review.googlesource.com/129537
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-08-20 19:13:22 +00:00
a.lukinykh 3d292e4d0c instagram: add Instagram endpoints
Change-Id: Ibb180f48013a398d597f56e14f081842735957df
GitHub-Last-Rev: 2d64329276
GitHub-Pull-Request: golang/oauth2#304
Reviewed-on: https://go-review.googlesource.com/125639
Reviewed-by: Tim Cooper <tim.cooper@layeh.com>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-07-24 15:53:51 +00:00
Manigandan Dharmalingam ef147856a6 stackoverflow: add stackoverflow oauth2 endpoints.
Fixes #297

Stackoverflow oauth2 endpoints constant added.
Ref: https://api.stackexchange.com/docs/authentication

Change-Id: I8285a9baa9514c79e8325c40434f62aa1ed4939b
GitHub-Last-Rev: 909997b81e
GitHub-Pull-Request: golang/oauth2#298
Reviewed-on: https://go-review.googlesource.com/119995
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-06-20 17:54:06 +00:00
Guillaume J. Charmes 088f8e1d43 oauth2: Add support for custom params in Exchange
Allows implementation of PKCE https://www.oauth.com/oauth2-servers/pkce/
for secure code exchange.

Fixes golang/oauth2#286

Change-Id: I07b6fefe6834a2406e8ca2fcbf118d38fc4875d1
GitHub-Last-Rev: 31c5ccbed3
GitHub-Pull-Request: golang/oauth2#285
Reviewed-on: https://go-review.googlesource.com/111515
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-06-19 21:35:08 +00:00
Val Polouchkine 113ce6928c internal: add Twitch's other endpoint to blacklist
Twitch uses two domains for OAuth: https://dev.twitch.tv/docs/authentication/

Change-Id: I33f74e0c282b9e35c5b266980d1eb62f4fa419a8
Reviewed-on: https://go-review.googlesource.com/119515
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-06-18 22:07:33 +00:00
Tim Cooper 1e0a3fa8ba oauth2: mention RFC 6749 in package documentation
Change-Id: Iccf5c53fd5ea3c98447b6c6f4b751655847f1b5e
Reviewed-on: https://go-review.googlesource.com/115936
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-06-03 04:19:54 +00:00
Tim Cooper ec22f46f87 oauth2: remove misleading Transport.RoundTrip comment
This removes any assumption about how the underlying TokenSource is
implemented.

Change-Id: I03521e2f26bd07e25eb6ba00a78c285ece1835cc
Reviewed-on: https://go-review.googlesource.com/114955
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-05-29 20:36:56 +00:00
Tim Cooper 30b72dfc06 oauth2: close request body if errors occur before base RoundTripper is invoked
Fixes golang/oauth#269

Change-Id: I25eb3273a0868a999a2e98961ae5e4040e44ad7a
Reviewed-on: https://go-review.googlesource.com/114956
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-05-29 20:36:26 +00:00
Sebastien Binet bee4e0a411 cern: add CERN OAuth endpoint
Change-Id: I7532b49af74ce2ea5edaffba7f61a45f420d329d
Reviewed-on: https://go-review.googlesource.com/114996
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-05-29 17:07:32 +00:00
Dong-hee Na 8373c64684 kakao: Add new endpoint of Kakao
Change-Id: I1f95cb91018f96f74c1079128cbbd5ebe553c58e
Reviewed-on: https://go-review.googlesource.com/114856
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-05-28 19:57:36 +00:00
Getulio Sánchez 770e5ebd4a linkedin: Update to new endpoint
LinkedIn API documentation states that this are the correct URLs:
https://developer.linkedin.com/docs/oauth2

Fixes #253

Change-Id: I4fe292a1d85d73e184adf6fe6b23af6eb47d8c23
Reviewed-on: https://go-review.googlesource.com/114355
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-05-23 22:41:58 +00:00
Benjamin Hsieh dd5f5d8e78 twitch: update to new endpoint
Update the OAuth APIs for Twitch: https://discuss.dev.twitch.tv/t/oauth-kraken-migration/14606

Change-Id: I6911d0ba6db7ad07e7ddd277713ec72cc3e00ab5
GitHub-Last-Rev: a3b37aecaf
GitHub-Pull-Request: golang/oauth2#291
Reviewed-on: https://go-review.googlesource.com/113655
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-05-21 19:16:39 +00:00
Naveen Kumar Sangi 6e81df8ef0 gitlab: Use correct endpoint URLs
Reference: https://docs.gitlab.com/ee/api/oauth2.html#web-application-flow

Change-Id: Id8b2189692c1b80b970f3af7ed71d7a59bd9aec4

Change-Id: Id8b2189692c1b80b970f3af7ed71d7a59bd9aec4
GitHub-Last-Rev: 5934217c4b
GitHub-Pull-Request: golang/oauth2#294
Reviewed-on: https://go-review.googlesource.com/113975
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-05-21 19:08:22 +00:00
Naveen Kumar Sangi a582fe72a3 gitlab: New package with GitLab's Endpoint
Fixes #292

Change-Id: I444da17dce65745c216711074f01041789282ab2

Change-Id: I444da17dce65745c216711074f01041789282ab2
GitHub-Last-Rev: 714da3c1b4
GitHub-Pull-Request: golang/oauth2#293
Reviewed-on: https://go-review.googlesource.com/113857
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-05-21 13:45:54 +00:00
Shaun Dunning cdc340f7c1 jira: fix bug when upper-casing scopes
Fix for a small bug that causes scopes to be prefixed by a bunch
of `+` chars, which results in an invalid scopes response from
the Jira Auth Server.

Change-Id: I00ded66c1eeb042a02f11ef3c84d7281159b1039
GitHub-Last-Rev: f76f480589
GitHub-Pull-Request: golang/oauth2#282
Reviewed-on: https://go-review.googlesource.com/110917
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-05-03 01:26:34 +00:00
fenwickelliott 6881fee410 internal: add todaysplan urls to brokenAuthHeaderProviders
Adds 'https://multisport.todaysplan.com.au/rest/oauth/access_token' and 'https://whats.todaysplan.com.au/rest/oauth/access_token' to brokenAuthHeaderProviders string slice.

fixes #267

Change-Id: I762f5f698a81cbc5929c604d1da2677a2c6a52a5
Reviewed-on: https://go-review.googlesource.com/105475
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-04-16 19:45:28 +00:00
Bob Briski 921ae394b9 jira: add JIRA provider
Add JIRA JWT process as described here:
https://developer.atlassian.com/cloud/jira/software/oauth-2-jwt-bearer-token-authorization-grant-type/

* Provides a config struct that matched the `installed` hook response
* Creates a signed JWT as per the JIRA process
* Requests a token with the signed JWT

Fixes #278

Change-Id: Iae6f60578c8a6840ed6603a86f02ff4ac08ba813
Reviewed-on: https://go-review.googlesource.com/102037
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-04-02 22:39:37 +00:00
Andrew Bonventre fdc9e63514 CONTRIBUTING.md: remove note about not accepting Pull Requests
Updates golang/go#24185

Change-Id: I2cc878ba8ba163215a6430154bead5c79a5c5206
Reviewed-on: https://go-review.googlesource.com/100686
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2018-03-14 18:02:39 +00:00
Jonathan Amsterdam 7af32f14d0 google: add CredentialsFromJSON
Support obtaining a DefaultCredentials value from JSON data.

Also, add an example, and write more package doc.

For Go 1.9 and higher, rename DefaultCredentials to
Credentials and make the former an alias for the latter.

Updates google/google-api-go-client#247.

Change-Id: I9f9e234ed79f8e08fa13914d9c6c60e0154a06e5
Reviewed-on: https://go-review.googlesource.com/99795
Reviewed-by: Ross Light <light@google.com>
Reviewed-by: Chris Broadfoot <cbro@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-03-12 23:58:49 +00:00
Fredrik Wallgren 2f32c3ac0f mailchimp: add MailChimp provider
Added MailChimp endpoints as per documentation:
http://developer.mailchimp.com/documentation/mailchimp/guides/how-to-use-oauth2/

Add MailChimp to brokenAuthHeadersProviders since they require the
client id and secret as query parameters.

Fixes #272

Change-Id: I155d0c7e34f13477ac87b225e9a278d79c3a2a44
Reviewed-on: https://go-review.googlesource.com/96635
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-02-28 17:30:56 +00:00
Tristan Colgate d7d64896b5 internal: remove facebook from brokenAuthHeadersProviders
A friend who now works at Facebook informs me that this is now fixed on their
side. I've asked for some public reference.

Change-Id: I68627e3211f24bc4bea7c698d1126438a0e8ab0d
Reviewed-on: https://go-review.googlesource.com/97055
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-02-27 00:04:27 +00:00
Charles Fenwick Elliott 543e37812f internal: add more brokenAuthHeadersProviders
Add log.finalsurge.com and api.medium.com

Fixes #267

Change-Id: I8a902f418f04ff87539fe2edda350a81974aaa6e
Reviewed-on: https://go-review.googlesource.com/92655
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-02-07 18:19:06 +00:00
Paul Tyng a032972e28 internal: Add .auth0.com to broken domains
Auth0 does not support `client_id` in basic auth
**without** a `client_secret` but they do support
one or both in the body.

Auth0 also uses account specific subdomains, so
needs to be in the domain suffix broken handling.

Change-Id: I06abec5c228c746b8b90758f452016eeb67f3e98
Reviewed-on: https://go-review.googlesource.com/70010
Reviewed-by: K.J. Valencik <kjvalencik@gmail.com>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-01-26 16:49:32 +00:00
Adam Bender b28fcf2b08 oauth2: minor clarification to function comment
Change-Id: I547bad73aae9130aac7dfa66a391661ed630c513
Reviewed-on: https://go-review.googlesource.com/88157
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-01-18 00:45:44 +00:00
Charles Fenwick Elliott 30785a2c43 spotify: add Spotify endpoints
Added Spotify endpoints as per documentation: https://developer.spotify.com/web-api/authorization-guide/

Fixes golang/go#23338

Change-Id: Ic1a0d6c8f35923b1c6d497e07f028fe92e97e6b6
Reviewed-on: https://go-review.googlesource.com/86250
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-01-04 23:00:36 +00:00
Ross Light 876b1c6ee6 internal: remove RegisterContextClientFunc
This function added a totally unused error path, since the only call
site is for App Engine, which cannot produce an error.

Change-Id: I86277ab4ff96e7bd140c53c5a114a338716668e3
Reviewed-on: https://go-review.googlesource.com/85935
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-01-03 15:50:54 +00:00
Ross Light ee2bad97a9 internal: return error if no access_token present in server response
This behavior and test was introduced in 0ae3d4edc9.
It is not consistent with the other test introduced in the same commit,
where an incorrectly typed access_token does produce an error.  Since a
*Token with a blank AccessToken is invalid, it is allowing an invalid
token to be returned without error.

Cleans up some tests responding with invalid data.

Change-Id: I777eb7a82ef598dc9042542ae65f8dce6768902e
Reviewed-on: https://go-review.googlesource.com/85659
Reviewed-by: Andrew Bonventre <andybons@golang.org>
2018-01-03 00:38:26 +00:00
Ross Light 542ae755da oauth2: don't use tokenRefresher directly in tests
This changes the test to use the exported API instead of implementation
internals.

Change-Id: I07753b053c1a2a8eb027bed647ab921d95afda4e
Reviewed-on: https://go-review.googlesource.com/85658
Reviewed-by: Andrew Bonventre <andybons@golang.org>
2018-01-03 00:37:46 +00:00
Ross Light 90155042cb internal: inline CondVal function
Change-Id: Ic1115ab639e2d7b499c3400b5310575a36b1b796
Reviewed-on: https://go-review.googlesource.com/85320
Reviewed-by: Tim Cooper <tim.cooper@layeh.com>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-01-02 15:01:22 +00:00
Ross Light 174986b227 internal: move ParseINI into google
This was the only usage of the function.

Change-Id: I081e20789ea9e37fe96f764641078472153bf577
Reviewed-on: https://go-review.googlesource.com/85197
Reviewed-by: Andrew Bonventre <andybons@golang.org>
2018-01-02 15:01:02 +00:00
Ross Light 40a09c6c04 internal: fix flaky context test
Change-Id: I877fbcfdde33559baabbda2c275164dd98256892
Reviewed-on: https://go-review.googlesource.com/85196
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2018-01-02 15:00:49 +00:00
Tim Cooper 197281d4e0 jwt: use RetrieveError for invalid status code errors
CL 84156 added oauth2.RetrieveError to the oauth2 and clientcredentials
packages, but missed using it in jwt.

Change-Id: I06d77cd18667526bfc869ebc1b5cc2bcbabc03a6
Reviewed-on: https://go-review.googlesource.com/85457
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2017-12-26 13:35:31 +00:00
Tim Cooper 0448841f0c oauth2: add error type for unsuccessful token endpoint status
Allows the HTTP response and body to be extracted without parsing
the error string, but keeps backwards compatibility for users who
are currently doing so.

Fixes golang/oauth2#173

Change-Id: Id7709da827a155299b047f0bcb74aa8f91b01e96
Reviewed-on: https://go-review.googlesource.com/84156
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2017-12-19 02:07:21 +00:00
Vladimir Varankin 462316686f mailru: add Mail.Ru OAuth2 endpoint
Mail.Ru is one of the most popular email service provider in Russia.

The documentation for Mail.Ru's OAuth2 endpoints is at
https://o2.mail.ru/docs/

Change-Id: I605979b85cff2b00c7b65bbd3306d3fa66faa56d
Reviewed-on: https://go-review.googlesource.com/84415
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2017-12-15 22:01:12 +00:00
Vladimir Varankin dfbc866441 yahoo: add Yahoo OAuth2 endpoint
Change-Id: I4587eaf06cd94821052095345bb76b24ba500699
Reviewed-on: https://go-review.googlesource.com/84195
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2017-12-15 00:49:36 +00:00
Elena Grahovac 09bba2746c microsoft: improve azure active directory endpoint
Rename AzureActiveDirectoryEndpoint to AzureADEndpoint. Add default tenant ("common").
Delete azure package (azure.Endpoint duplicates microsoft.AzureADEndpoint).

Change-Id: I48a7679ffddd984f5744a64edfa4df958c18ed66
Reviewed-on: https://go-review.googlesource.com/83696
Reviewed-by: JBD <jbd@google.com>
2017-12-13 21:28:14 +00:00
Blake Mesdag 00dc70155e oauth2: ignore monotonic time when considering whether Tokens are expired
This change ensures time comparisons Token expiry checking uses the wall
clock instead of the monotonic clock.

This situation can occur on laptops which enter sleep mode and don't
advance their monotonic clock.

Change-Id: If8518e96ca04f2137db4703440ff3b851d221aae
Reviewed-on: https://go-review.googlesource.com/83575
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2017-12-12 20:54:36 +00:00
JBD e585185218 azure: add Azure endpoints
Fixes #257.

Change-Id: I0fa087fd921256f03a0cd62a8ab559c5c63f4d0f
Reviewed-on: https://go-review.googlesource.com/79397
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2017-12-11 18:11:51 +00:00
Anthony Alves 3ea2187447 twitch: add twitch OAuth2 endpoint
Twitch Auth API documentation: https://dev.twitch.tv/docs/authentication

Change-Id: I1a517609c229c8893d2dbf91f8821db386f822ab
Reviewed-on: https://go-review.googlesource.com/83136
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2017-12-11 00:15:14 +00:00
Elena Grahovac 6a2004c890 microsoft: add azure active directory endpoint
Relevant Azure AD API documentation is here: https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols#endpoints

Fixes #257

Change-Id: Ia4fb136bbaa9d4445cd098f354070f16ace3b24b
Reviewed-on: https://go-review.googlesource.com/82315
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2017-12-06 20:57:13 +00:00
Brad Fitzpatrick ea8c6730ed internal: fix test on Go 1.10
Go 1.10 no longer sets implicit Content-Type on empty output.

Updates golang/go#20784

Change-Id: I3f13f76b94b58869481218ea2e1805f5f4175fd7
Reviewed-on: https://go-review.googlesource.com/82017
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2017-12-05 22:58:16 +00:00
Max Schmitt f95fa95eaa internal: add login.live.com to brokenAuthHeaderProviders
This adds 'https://login.live.com/' as a broken auth header provider.
Without this change the provider which is integrated in
golang.org/x/oauth2/microsoft isn't working correctly and returns
a "The provided value for the 'client_secret' parameter is not valid"
response from the endpoint.

Change-Id: I1887e1ad049ce37f81322de84dcddd0ce486d6e1
Reviewed-on: https://go-review.googlesource.com/78555
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2017-11-17 23:52:51 +00:00
Vladimir Varankin 9ff8ebcc8e oauth2: fix some typos in code comments
Change-Id: I3bd85f097e30d693965541eac65df057288c2086
Reviewed-on: https://go-review.googlesource.com/73130
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2017-11-06 15:28:52 +00:00
Tim Cooper bb50c06bab oauth2/internal: remove duplicate package documentation
Fixes golang/go#15855

Change-Id: I71a532a95995fbbfd8a9acd75244537cd05f02f0
Reviewed-on: https://go-review.googlesource.com/66730
Reviewed-by: JBD <jbd@google.com>
2017-09-28 01:05:08 +00:00
Aeneas Rekkas (arekkas) 13449ad91c internal: urlencode client id and secret in header
As per https://tools.ietf.org/html/rfc6749#section-2.3.1 client IDs and secrets must be urlencoded in the authorization header. This patch addresses this by wrapping clientID and clientSecret with url.QueryEscape. A dedicated test for unsafe-url client IDs and secrets has been added as well.

Closes #237

Change-Id: I1f277b52caef4932e14147be8fb1712203da51d0
Reviewed-on: https://go-review.googlesource.com/46473
Reviewed-by: JBD <jbd@google.com>
2017-09-12 21:29:05 +00:00
Jaana Burcu Dogan d89af98d7c oauth2: improve the custom HTTP client example
Fix the broken build and make it consistent with
the first example.

Change-Id: I7c240b826397e6ec04294a2c9de89762d68643de
Reviewed-on: https://go-review.googlesource.com/61050
Run-TryBot: JBD <jbd@google.com>
Reviewed-by: Emmanuel Odeke <emm.odeke@gmail.com>
2017-09-01 19:30:52 +00:00
zachgersh 3d1522b268 oauth2: add examples for basic/custom HTTP client
- provides a bare and custom context example
demonstrating that http client attributes are
not always passed along.
- adds clarifying note to the oauth2.go NewClient
godoc.
- trim down example_test

Change-Id: Iad6697eed83429c36b9ba0efc43293f4910938fb
Reviewed-on: https://go-review.googlesource.com/36553
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Reviewed-by: JBD <jbd@google.com>
2017-09-01 17:26:33 +00:00
Ross Light 9a379c6b3e google: add JSON field to DefaultCredentials
Change-Id: I9cde8eabf4a2cb87db74f7b805045e155fd4ef13
Reviewed-on: https://go-review.googlesource.com/51111
Reviewed-by: Jaana Burcu Dogan <jbd@google.com>
2017-08-07 18:00:24 +00:00
Jaana Burcu Dogan 96fca6c793 LICENSE: attribute to the Go authors
Fixes #242.

Change-Id: Idbb9853e3ffd51aaad6a022a8a736408273e3549
Reviewed-on: https://go-review.googlesource.com/52610
Reviewed-by: Andrew Bonventre <andybons@golang.org>
2017-08-02 15:54:48 +00:00