session.go
package gorvp
import (
"time"
"github.com/ory-am/fosite/token/jwt"
"github.com/ory-am/fosite"
"strings"
core "github.com/ory-am/fosite/handler/oauth2"
)
// Session is the token session used by this package: an embedded JWT session
// plus the separator used when scopes are serialised into a claim.
type Session struct {
	// ScopeSeparator is placed between scope names by SetScopes; NewSession
	// sets it to a single space.
	ScopeSeparator string
	// Embedded JWT session. Its JWTClaims receive the "sco" and "cni" claims
	// written by the methods on Session.
	*core.JWTSession
}
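// NewSession builds the JWT-backed session for one authorization.
//
// The claims carry config.Issuer as issuer, userID as subject and clientID as
// audience. Expiry times for the authorize code, access token and refresh
// token are derived from config.Lifespan. The scopes and the connection ID
// are stored as the "sco" and "cni" claims.
//
// All timestamps come from a single clock reading, so the issued-at time and
// the three expiry times are consistent with one another.
//
// config and connection must be non-nil; both are dereferenced without a
// check. userID, clientID and scopes are written into the claims exactly as
// given, so callers are expected to pass values that have already been
// authenticated and authorised.
func NewSession(config *Config, userID string, scopes fosite.Arguments, clientID string, connection *Connection) *Session {
	now := time.Now()

	session := &Session{
		JWTSession: &core.JWTSession{
			JWTClaims: &jwt.JWTClaims{
				Issuer:   config.Issuer,
				Subject:  userID,
				Audience: clientID,
				IssuedAt: now,
			},
			JWTHeader: &jwt.Headers{
				Extra: make(map[string]interface{}),
			},
			// NOTE(review): the Lifespan fields are multiplied by time.Second,
			// so they presumably hold a number of seconds; confirm against
			// the Config definition. A zero lifespan yields a token that
			// expires at its issue time.
			ExpiresAt: map[fosite.TokenType]time.Time{
				fosite.AuthorizeCode: now.Add(config.Lifespan.AuthorizeCode * time.Second),
				fosite.AccessToken:   now.Add(config.Lifespan.AccessToken * time.Second),
				fosite.RefreshToken:  now.Add(config.Lifespan.RefreshToken * time.Second),
			},
			Username: userID,
		},
		ScopeSeparator: " ",
	}
	session.SetScopes(scopes)
	session.SetConnection(connection)
	return session
}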
// CopyScopeFromClaims sets this session's "sco" claim to the "sco" value read
// from claims.
//
// The value is copied as returned by claims.Get, without inspection, so
// claims should come from a token that has already been verified.
func (s *Session) CopyScopeFromClaims(claims *jwt.JWTClaims) {
	scope := claims.Get("sco")
	s.JWTClaims.Add("sco", scope)
}
// SetScopes stores scopes in the "sco" claim as a single string, with the
// entries joined by s.ScopeSeparator.
//
// Entries are not checked for the separator: once joined, a scope name that
// contains it cannot be told apart from two separate scopes, so scope names
// should be validated before they reach this method.
func (s *Session) SetScopes(scopes fosite.Arguments) {
	joined := strings.Join(scopes, s.ScopeSeparator)
	s.JWTClaims.Add("sco", joined)
}
// SetConnection records the connection's ID in the "cni" claim.
//
// connection must be non-nil; it is dereferenced without a check.
func (s *Session) SetConnection(connection *Connection) {
	id := connection.ID
	s.JWTClaims.Add("cni", id)
}
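// GrantScope grants every scope requested in ar, provided the requesting
// client is allowed all of them.
//
// The check is all-or-nothing. If any requested scope is missing from the
// client's scopes, ErrClientPermission is returned and no scope is granted,
// so a rejected request never leaves a partial grant on ar. When no scopes
// are requested, nothing is granted and nil is returned.
//
// The oauth2 argument is not used.
func GrantScope(oauth2 fosite.OAuth2Provider, ar fosite.Requester) error {
	allowed := ar.GetClient().GetScopes()
	requested := ar.GetRequestedScopes()

	// Validate the whole request before mutating ar, so an error cannot
	// leave some scopes already granted.
	// NOTE(review): matching is whatever Arguments.Has implements; confirm it
	// compares scope names exactly.
	for _, scope := range requested {
		if !allowed.Has(scope) {
			return ErrClientPermission
		}
	}

	for _, scope := range requested {
		ar.GrantScope(scope)
	}
	return nil
}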