forked from Mirrors/oauth2
91 lines
2.6 KiB
Go
91 lines
2.6 KiB
Go
// Copyright 2014 The oauth2 Authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
// Package oauth2 provides support for making
|
|
// OAuth2 authorized and authenticated HTTP requests.
|
|
// It can additionally grant authorization with Bearer JWT.
|
|
package oauth2 // import "golang.org/x/oauth2"
|
|
|
|
import (
|
|
"net/http"
|
|
"net/url"
|
|
"time"
|
|
)
|
|
|
|
// Token represents the crendentials used to authorize
|
|
// the requests to access protected resources on the OAuth 2.0
|
|
// provider's backend.
|
|
//
|
|
// Most users of this package should not access fields of Token
|
|
// directly. They're exported mostly for use by related packages
|
|
// implementing derivate OAuth2 flows.
|
|
type Token struct {
|
|
// AccessToken is the token that authorizes and authenticates
|
|
// the requests.
|
|
AccessToken string `json:"access_token"`
|
|
|
|
// TokenType is the type of token.
|
|
// The Type method returns either this or "Bearer", the default.
|
|
TokenType string `json:"token_type,omitempty"`
|
|
|
|
// RefreshToken is a token that's used by the application
|
|
// (as opposed to the user) to refresh the access token
|
|
// if it expires.
|
|
RefreshToken string `json:"refresh_token,omitempty"`
|
|
|
|
// Expiry is the optional expiration time of the access token.
|
|
//
|
|
// If zero, TokenSource implementations will reuse the same
|
|
// token forever and RefreshToken or equivalent
|
|
// mechanisms for that TokenSource will not be used.
|
|
Expiry time.Time `json:"expiry,omitempty"`
|
|
|
|
// raw optionally contains extra metadata from the server
|
|
// when updating a token.
|
|
raw interface{}
|
|
}
|
|
|
|
// Type returns t.TokenType if non-empty, else "Bearer".
|
|
func (t *Token) Type() string {
|
|
if t.TokenType != "" {
|
|
return t.TokenType
|
|
}
|
|
return "Bearer"
|
|
}
|
|
|
|
// SetAuthHeader sets the Authorization header to r using the access
|
|
// token in t.
|
|
//
|
|
// This method is unnecessary when using Transport or an HTTP Client
|
|
// returned by this package.
|
|
func (t *Token) SetAuthHeader(r *http.Request) {
|
|
r.Header.Set("Authorization", t.Type()+" "+t.AccessToken)
|
|
}
|
|
|
|
// Extra returns an extra field returned from the server during token
|
|
// retrieval.
|
|
func (t *Token) Extra(key string) string {
|
|
if vals, ok := t.raw.(url.Values); ok {
|
|
return vals.Get(key)
|
|
}
|
|
if raw, ok := t.raw.(map[string]interface{}); ok {
|
|
if val, ok := raw[key].(string); ok {
|
|
return val
|
|
}
|
|
}
|
|
return ""
|
|
}
|
|
|
|
// Expired returns true if there is no access token or the
|
|
// access token is expired.
|
|
func (t *Token) Expired() bool {
|
|
if t.AccessToken == "" {
|
|
return true
|
|
}
|
|
if t.Expiry.IsZero() {
|
|
return false
|
|
}
|
|
return t.Expiry.Before(time.Now())
|
|
}
|