Oauth2
OAuth 2.0 server library for the Go programming language.
| Project Name | Stars | Downloads | Repos Using This | Packages Using This | Most Recent Commit | Total Releases | Latest Release | Open Issues | License | Language |
|---|---|---|---|---|---|---|---|---|---|---|
| Next Auth | 15,364 |  | 21 | 73 | 16 hours ago | 567 | August 01, 2022 | 214 | isc | TypeScript |
| Authentication for the Web. | ||||||||||
| Google Api Nodejs Client | 10,512 |  | 8,219 | 1,712 | a day ago | 218 | September 21, 2022 | 145 | apache-2.0 | TypeScript |
| Google's officially supported Node.js client library for accessing Google APIs. Support for authorization and authentication with OAuth 2.0, API Keys and JWT (Service Tokens) is included. | ||||||||||
| Satellizer | 8,017 |  | 284 | 6 | 3 years ago | 56 | August 30, 2016 | 287 | mit | TypeScript |
| Token-based AngularJS Authentication | ||||||||||
| Doorkeeper | 5,115 |  | 4,009 | 40 | 12 hours ago | 109 | September 08, 2022 | 23 | mit | Ruby |
| Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. | ||||||||||
| 4,863 |  | 458 | 45 | 4 years ago | 73 | February 15, 2017 | 13 | other | JavaScript | |
| 微信公共平台消息接口服务中间件 | ||||||||||
| 4,007 | 26 | 3 days ago | 58 | August 08, 2022 | 87 | apache-2.0 | Go | |||
| WeChat SDK for Go (微信SDK:简单、易用) | ||||||||||
| Octokit.rb | 3,736 |  | 36,226 | 665 | 4 days ago | 129 | September 14, 2022 | 54 | mit | Ruby |
| Ruby toolkit for the GitHub API | ||||||||||
| Gist | 3,718 |  | 361 | 22 | 10 months ago | 36 | August 27, 2020 | 54 | mit | Ruby |
| Potentially the best command line gister. | ||||||||||
| Devise_token_auth | 3,439 |  | 1,516 | 13 | 6 days ago | 112 | July 19, 2021 | 190 | wtfpl | Ruby |
| Token based authentication for Rails JSON APIs. Designed to work with jToker and ng-token-auth. | ||||||||||
| Oauth2orize | 3,307 |  | 2,413 | 151 | a year ago | 21 | November 18, 2021 | 78 | mit | JavaScript |
| OAuth 2.0 authorization server toolkit for Node.js. | ||||||||||
Alternatives To Oauth2Select To Compare
Alternative Project Comparisons
Readme
Golang OAuth 2.0 Server
An open protocol to allow secure authorization in a simple and standard method from web, mobile and desktop applications.
Protocol Flow
+--------+ +---------------+
| |--(A)- Authorization Request ->| Resource |
| | | Owner |
| |<-(B)-- Authorization Grant ---| |
| | +---------------+
| |
| | +---------------+
| |--(C)-- Authorization Grant -->| Authorization |
| Client | | Server |
| |<-(D)----- Access Token -------| |
| | +---------------+
| |
| | +---------------+
| |--(E)----- Access Token ------>| Resource |
| | | Server |
| |<-(F)--- Protected Resource ---| |
+--------+ +---------------+
Quick Start
Download and install
go get -u -v github.com/go-oauth2/oauth2/v4/...
Create file server.go
package main
import (
"log"
"net/http"
"github.com/go-oauth2/oauth2/v4/errors"
"github.com/go-oauth2/oauth2/v4/manage"
"github.com/go-oauth2/oauth2/v4/models"
"github.com/go-oauth2/oauth2/v4/server"
"github.com/go-oauth2/oauth2/v4/store"
)
func main() {
manager := manage.NewDefaultManager()
// token memory store
manager.MustTokenStorage(store.NewMemoryTokenStore())
// client memory store
clientStore := store.NewClientStore()
clientStore.Set("000000", &models.Client{
ID: "000000",
Secret: "999999",
Domain: "http://localhost",
})
manager.MapClientStorage(clientStore)
srv := server.NewDefaultServer(manager)
srv.SetAllowGetAccessRequest(true)
srv.SetClientInfoHandler(server.ClientFormHandler)
srv.SetInternalErrorHandler(func(err error) (re *errors.Response) {
log.Println("Internal Error:", err.Error())
return
})
srv.SetResponseErrorHandler(func(re *errors.Response) {
log.Println("Response Error:", re.Error.Error())
})
http.HandleFunc("/authorize", func(w http.ResponseWriter, r *http.Request) {
err := srv.HandleAuthorizeRequest(w, r)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
}
})
http.HandleFunc("/token", func(w http.ResponseWriter, r *http.Request) {
srv.HandleTokenRequest(w, r)
})
log.Fatal(http.ListenAndServe(":9096", nil))
}
Build and run
go build server.go
./server
Open in your web browser
Authorization Request: http://localhost:9096/authorize?client_id=000000&response_type=code
Grant Token Request: http://localhost:9096/token?grant_type=client_credentials&client_id=000000&client_secret=999999&scope=read
{
"access_token": "J86XVRYSNFCFI233KXDL0Q",
"expires_in": 7200,
"scope": "read",
"token_type": "Bearer"
}
Features
- Easy to use
- Based on the RFC 6749 implementation
- Token storage support TTL
- Support custom expiration time of the access token
- Support custom extension field
- Support custom scope
- Support jwt to generate access tokens
Example
A complete example of simulation authorization code model
Simulation examples of authorization code model, please check example
Use jwt to generate access tokens
import (
"github.com/go-oauth2/oauth2/v4/generates"
"github.com/dgrijalva/jwt-go"
)
// ...
manager.MapAccessGenerate(generates.NewJWTAccessGenerate("", []byte("00000000"), jwt.SigningMethodHS512))
// Parse and verify jwt access token
token, err := jwt.ParseWithClaims(access, &generates.JWTAccessClaims{}, func(t *jwt.Token) (interface{}, error) {
if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, fmt.Errorf("parse error")
}
return []byte("00000000"), nil
})
if err != nil {
// panic(err)
}
claims, ok := token.Claims.(*generates.JWTAccessClaims)
if !ok || !token.Valid {
// panic("invalid token")
}
Store Implements
- BuntDB(default store)
- Redis
- MongoDB
- MySQL
- MySQL (Provides both client and token store)
- PostgreSQL
- DynamoDB
- XORM
- XORM (MySQL, client and token store)
- GORM
- Firestore
- Hazelcast (token only)
Handy Utilities
MIT License
Copyright (c) 2016 Lyric
Popular Oauth Projects
Popular Token Projects
Popular Security Categories
Related Searches
Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Golang
Token
Oauth
Jwt
Oauth2 Server
Oauth2 Provider