Merge pull request #7 from LyricTian/develop

Add fasthttp server handle
go-oauth2 · Jul 12, 2016 · 97df1e5 · 97df1e5
2 parents 41a3f22 + da5af9b
commit 97df1e5
Show file tree

Hide file tree

Showing 6 changed files with 365 additions and 76 deletions.
diff --git a/README.md b/README.md
@@ -1,20 +1,20 @@
-OAuth2服务端
-===========
+基于Golang的OAuth2服务实现
+=======================
 
-> 基于Golang实现的OAuth2协议，具有简单化、模块化的特点
+> 完全模块化、支持http/fasthttp的服务端处理、令牌存储支持redis/mongodb
 
 [![GoDoc](https://godoc.org/gopkg.in/oauth2.v2?status.svg)](https://godoc.org/gopkg.in/oauth2.v2)
 [![Go Report Card](https://goreportcard.com/badge/gopkg.in/oauth2.v2)](https://goreportcard.com/report/gopkg.in/oauth2.v2)
 
 获取
 ----
 
-```bash
+``` bash
 $ go get -u gopkg.in/oauth2.v2/...
 ```
 
-使用
-----
+HTTP服务端
+--------
 
 ``` go
 package main
@@ -64,15 +64,43 @@ func main() {
 
 ```
 
+FastHTTP服务端
+-------------
+
+``` go
+srv := server.NewFastServer(server.NewConfig(), manager)
+
+fasthttp.ListenAndServe(":9096", func(ctx *fasthttp.RequestCtx) {
+	switch string(ctx.Request.URI().Path()) {
+	case "/authorize":
+		authReq, err := srv.GetAuthorizeRequest(ctx)
+		if err != nil {
+			ctx.Error(err.Error(), 400)
+			return
+		}
+		authReq.UserID = "000000"
+		// TODO: 登录验证、授权处理
+		err = srv.HandleAuthorizeRequest(ctx, authReq)
+		if err != nil {
+			ctx.Error(err.Error(), 400)
+		}
+	case "/token":
+		err := srv.HandleTokenRequest(ctx)
+		if err != nil {
+			ctx.Error(err.Error(), 400)
+		}
+	}
+})
+```
+
 测试
 ----
+> [goconvey](https://github.com/smartystreets/goconvey)
 
 ``` bash
 $ goconvey -port=9092
 ```
 
-> goconvey使用明细[https://github.com/smartystreets/goconvey](https://github.com/smartystreets/goconvey)
-
 范例
 ----
 

diff --git a/example/README.md b/example/README.md
@@ -1,8 +1,9 @@
-OAuth2 服务端/客户端模拟
-=====================
+OAuth2授权码模式模拟
+=================
 
 运行服务端
 --------
+> 运行fasthttp服务端，请使用`cd example/fastserver`
 
 ```
 $ cd example/server

diff --git a/example/fastserver/main.go b/example/fastserver/main.go
@@ -0,0 +1,50 @@
+package main
+
+import (
+	"log"
+
+	"github.com/valyala/fasthttp"
+	"gopkg.in/oauth2.v2/manage"
+	"gopkg.in/oauth2.v2/models"
+	"gopkg.in/oauth2.v2/server"
+	"gopkg.in/oauth2.v2/store/client"
+	"gopkg.in/oauth2.v2/store/token"
+)
+
+func main() {
+	// 创建基于redis的oauth2管理实例
+	manager := manage.NewRedisManager(
+		&token.RedisConfig{Addr: "192.168.33.70:6379"},
+	)
+	// 使用临时客户端存储
+	manager.MapClientStorage(client.NewTempStore(&models.Client{
+		ID:     "222222",
+		Secret: "22222222",
+		Domain: "http://localhost:9094",
+	}))
+
+	srv := server.NewFastServer(server.NewConfig(), manager)
+
+	log.Println("OAuth2 server is running at 9096 port.")
+	fasthttp.ListenAndServe(":9096", func(ctx *fasthttp.RequestCtx) {
+		switch string(ctx.Request.URI().Path()) {
+		case "/authorize":
+			authReq, err := srv.GetAuthorizeRequest(ctx)
+			if err != nil {
+				ctx.Error(err.Error(), 400)
+				return
+			}
+			authReq.UserID = "000000"
+			// TODO: 登录验证、授权处理
+			err = srv.HandleAuthorizeRequest(ctx, authReq)
+			if err != nil {
+				ctx.Error(err.Error(), 400)
+			}
+		case "/token":
+			err := srv.HandleTokenRequest(ctx)
+			if err != nil {
+				ctx.Error(err.Error(), 400)
+			}
+		}
+	})
+}
diff --git a/server/authorize.go b/server/authorize.go
@@ -1,37 +1,39 @@
 package server
 
 import (
+	"encoding/base64"
 	"net/http"
+	"strings"
 
+	"github.com/valyala/fasthttp"
 	"gopkg.in/oauth2.v2"
 )
 
 // AuthorizeRequest 授权请求
 type AuthorizeRequest struct {
-	Type        oauth2.ResponseType
-	ClientID    string
-	Scope       string
-	RedirectURI string
-	State       string
-	UserID      string
+	Type        oauth2.ResponseType // 授权类型
+	ClientID    string              // 客户端标识
+	Scope       string              // 授权范围
+	RedirectURI string              // 重定向URI
+	State       string              // 状态
+	UserID      string              // 用户标识
 }
 
-// ClientHandler 客户端处理(获取请求的客户端认证信息)
-type ClientHandler func(r *http.Request) (clientID, clientSecret string, err error)
-
-// UserHandler 用户处理(密码模式,根据用户名、密码获取用户标识)
-type UserHandler func(username, password string) (userID string, err error)
-
-// ScopeHandler 授权范围处理(更新令牌时的授权范围检查)
-type ScopeHandler func(new, old string) (err error)
-
 // TokenRequestHandler 令牌请求处理
 type TokenRequestHandler struct {
+	// 客户端信息处理
 	ClientHandler ClientHandler
-	UserHandler   UserHandler
-	ScopeHandler  ScopeHandler
+	// 客户端信息处理(基于fasthttp)
+	ClientFastHandler ClientFastHandler
+	// 用户信息处理
+	UserHandler UserHandler
+	// 授权范围处理
+	ScopeHandler ScopeHandler
 }
 
+// ClientHandler 获取请求的客户端认证信息
+type ClientHandler func(r *http.Request) (clientID, clientSecret string, err error)
+
 // ClientFormHandler 客户端表单信息
 func ClientFormHandler(r *http.Request) (clientID, clientSecret string, err error) {
 	clientID = r.Form.Get("client_id")
@@ -53,3 +55,45 @@ func ClientBasicHandler(r *http.Request) (clientID, clientSecret string, err err
 	clientSecret = password
 	return
 }
+
+// ClientFastHandler 基于fasthttp获取客户端认证信息
+type ClientFastHandler func(ctx *fasthttp.RequestCtx) (clientID, clientSecret string, err error)
+
+// ClientFormFastHandler 客户端表单信息(基于fasthttp)
+func ClientFormFastHandler(ctx *fasthttp.RequestCtx) (clientID, clientSecret string, err error) {
+	clientID = string(ctx.FormValue("client_id"))
+	clientSecret = string(ctx.FormValue("client_secret"))
+	if clientID == "" || clientSecret == "" {
+		err = ErrAuthorizationFormInvalid
+	}
+	return
+}
+
+// ClientBasicFastHandler 客户端基础认证信息(基于fasthttp)
+func ClientBasicFastHandler(ctx *fasthttp.RequestCtx) (clientID, clientSecret string, err error) {
+	auth := string(ctx.Request.Header.Peek("Authorization"))
+	const prefix = "Basic "
+	if auth == "" || !strings.HasPrefix(auth, prefix) {
+		err = ErrAuthorizationHeaderInvalid
+		return
+	}
+	c, err := base64.StdEncoding.DecodeString(auth[len(prefix):])
+	if err != nil {
+		return
+	}
+	cs := string(c)
+	s := strings.IndexByte(cs, ':')
+	if s < 0 {
+		err = ErrAuthorizationHeaderInvalid
+		return
+	}
+	clientID = cs[:s]
+	clientSecret = cs[s+1:]
+	return
+}
+
+// UserHandler 密码模式下,根据用户名、密码获取用户标识
+type UserHandler func(username, password string) (userID string, err error)
+
+// ScopeHandler 更新令牌时的授权范围检查
+type ScopeHandler func(new, old string) (err error)