Add mongodb token store

Author: LyricTian

manage/manager.go

@@ -247,6 +247,7 @@ func (m *Manager) RefreshAccessToken(refresh, scope string) (token string, err e
 	if err != nil {
 		return
 	}
+	access := ti.GetAccess()
 	_, ierr := m.injector.Invoke(func(stor oauth2.TokenStore, gen oauth2.AccessGenerate) {
 		cli, cerr := m.GetClient(ti.GetClientID())
 		if cerr != nil {
@@ -272,7 +273,7 @@ func (m *Manager) RefreshAccessToken(refresh, scope string) (token string, err e
 			err = verr
 			return
 		}
-		if verr := stor.RemoveByRefresh(refresh); verr != nil {
+		if verr := stor.RemoveByAccess(access); verr != nil {
 			err = verr
 			return
 		}
@@ -330,19 +331,8 @@ func (m *Manager) LoadAccessToken(access string) (info oauth2.TokenInfo, err err
 			err = ErrAccessInvalid
 			return
 		} else if ti.GetRefresh() != "" && ti.GetRefreshCreateAt().Add(ti.GetRefreshExpiresIn()).Before(ct) { // 检查更新令牌是否过期
-			// 删除过期的访问令牌
-			if verr := stor.RemoveByRefresh(ti.GetRefresh()); verr != nil {
-				err = verr
-				return
-			}
 			err = ErrRefreshExpired
 		} else if ti.GetAccessCreateAt().Add(ti.GetAccessExpiresIn()).Before(ct) { // 检查访问令牌是否过期
-			if ti.GetRefresh() == "" { // 删除过期的访问令牌
-				if verr := stor.RemoveByAccess(access); verr != nil {
-					err = verr
-					return
-				}
-			}
 			err = ErrAccessExpired
 			return
 		}
@@ -369,11 +359,6 @@ func (m *Manager) LoadRefreshToken(refresh string) (info oauth2.TokenInfo, err e
 			err = ErrRefreshInvalid
 			return
 		} else if ti.GetRefreshCreateAt().Add(ti.GetRefreshExpiresIn()).Before(time.Now()) {
-			// 删除过期的更新令牌
-			if verr := stor.RemoveByRefresh(refresh); verr != nil {
-				err = verr
-				return
-			}
 			err = ErrRefreshExpired
 			return
 		}

models/token.go

@@ -4,17 +4,17 @@ import "time"
 
 // Token 令牌信息
 type Token struct {
-	ClientID         string        // 客户端标识
-	UserID           string        // 用户标识
-	RedirectURI      string        // 重定向URI
-	Scope            string        // 权限范围
-	AuthType         string        // 令牌授权类型
-	Access           string        // 访问令牌
-	AccessCreateAt   time.Time     // 访问令牌创建时间
-	AccessExpiresIn  time.Duration // 访问令牌有效期
-	Refresh          string        // 更新令牌
-	RefreshCreateAt  time.Time     // 更新令牌创建时间
-	RefreshExpiresIn time.Duration // 更新令牌有效期
+	ClientID         string        `bson:"ClientID"`         // 客户端标识
+	UserID           string        `bson:"UserID"`           // 用户标识
+	RedirectURI      string        `bson:"RedirectURI"`      // 重定向URI
+	Scope            string        `bson:"Scope"`            // 权限范围
+	AuthType         string        `bson:"AuthType"`         // 令牌授权类型
+	Access           string        `bson:"Access"`           // 访问令牌
+	AccessCreateAt   time.Time     `bson:"AccessCreateAt"`   // 访问令牌创建时间
+	AccessExpiresIn  time.Duration `bson:"AccessExpiresIn"`  // 访问令牌有效期
+	Refresh          string        `bson:"Refresh"`          // 更新令牌
+	RefreshCreateAt  time.Time     `bson:"RefreshCreateAt"`  // 更新令牌创建时间
+	RefreshExpiresIn time.Duration `bson:"RefreshExpiresIn"` // 更新令牌有效期
 }
 
 // GetClientID 客户端ID

store/token/mongo.go

@@ -0,0 +1,148 @@
+package token
+
+import (
+	"time"
+
+	"gopkg.in/LyricTian/lib.v2/mongo"
+	"gopkg.in/mgo.v2"
+	"gopkg.in/mgo.v2/bson"
+	"gopkg.in/oauth2.v2"
+	"gopkg.in/oauth2.v2/models"
+)
+
+// MongoConfig MongoDB Configuration
+type MongoConfig struct {
+	// Connection String
+	URL string
+	// DB Name(default oauth2)
+	DB string
+	// Collection Name(default tokens)
+	C string
+}
+
+// NewMongoStore 创建MongoDB的令牌存储
+func NewMongoStore(cfg *MongoConfig) (store oauth2.TokenStore, err error) {
+	if cfg.DB == "" {
+		cfg.DB = "oauth2"
+	}
+	if cfg.C == "" {
+		cfg.C = "tokens"
+	}
+	handler, err := mongo.InitHandlerWithDB(cfg.URL, cfg.DB)
+	if err != nil {
+		return
+	}
+	// 创建自动过期索引
+	err = handler.C(cfg.C).EnsureIndex(mgo.Index{
+		Key:         []string{"ExpiredAt"},
+		ExpireAfter: time.Second,
+	})
+	if err != nil {
+		return
+	}
+	err = handler.C(cfg.C).EnsureIndexKey("Access")
+	if err != nil {
+		return
+	}
+	err = handler.C(cfg.C).EnsureIndexKey("Refresh")
+	if err != nil {
+		return
+	}
+	store = &MongoStore{
+		handler: handler,
+		cfg:     cfg,
+	}
+	return
+}
+
+// MongoStore MongoDB Store
+type MongoStore struct {
+	cfg     *MongoConfig
+	handler *mongo.Handler
+}
+
+// Create 存储令牌信息
+func (ms *MongoStore) Create(info oauth2.TokenInfo) (err error) {
+	tm := info.(*models.Token)
+	var expiredAt time.Time
+	if refresh := tm.Refresh; refresh != "" {
+		expiredAt = tm.RefreshCreateAt.Add(tm.RefreshExpiresIn)
+		rinfo, rerr := ms.GetByRefresh(refresh)
+		if rerr != nil {
+			err = rerr
+			return
+		}
+		if rinfo != nil {
+			expiredAt = rinfo.GetRefreshCreateAt().Add(rinfo.GetRefreshExpiresIn())
+		}
+	}
+	if expiredAt.IsZero() {
+		expiredAt = tm.AccessCreateAt.Add(tm.AccessExpiresIn)
+	}
+	doc := map[string]interface{}{
+		"ExpiredAt":        expiredAt,
+		"ClientID":         tm.ClientID,
+		"UserID":           tm.UserID,
+		"RedirectURI":      tm.RedirectURI,
+		"Scope":            tm.Scope,
+		"AuthType":         tm.AuthType,
+		"Access":           tm.Access,
+		"AccessCreateAt":   tm.AccessCreateAt,
+		"AccessExpiresIn":  tm.AccessExpiresIn,
+		"Refresh":          tm.Refresh,
+		"RefreshCreateAt":  tm.RefreshCreateAt,
+		"RefreshExpiresIn": tm.RefreshExpiresIn,
+	}
+
+	ms.handler.CHandle(ms.cfg.C, func(c *mgo.Collection) {
+		err = c.Insert(doc)
+	})
+	return
+}
+
+func (ms *MongoStore) remove(selector interface{}) (err error) {
+	ms.handler.CHandle(ms.cfg.C, func(c *mgo.Collection) {
+		err = c.Remove(selector)
+	})
+	return
+}
+
+// RemoveByAccess 移除令牌
+func (ms *MongoStore) RemoveByAccess(access string) (err error) {
+	err = ms.remove(bson.M{"Access": access})
+	return
+}
+
+// RemoveByRefresh 移除令牌
+func (ms *MongoStore) RemoveByRefresh(refresh string) (err error) {
+	err = ms.remove(bson.M{"Refresh": refresh})
+	return
+}
+
+func (ms *MongoStore) get(find interface{}) (info oauth2.TokenInfo, err error) {
+	ms.handler.CHandle(ms.cfg.C, func(c *mgo.Collection) {
+		var tm models.Token
+		aerr := c.Find(find).Select(bson.M{"_id": 0}).One(&tm)
+		if aerr != nil {
+			if aerr == mgo.ErrNotFound {
+				return
+			}
+			err = aerr
+			return
+		}
+		info = &tm
+	})
+	return
+}
+
+// GetByAccess 获取令牌数据
+func (ms *MongoStore) GetByAccess(access string) (info oauth2.TokenInfo, err error) {
+	info, err = ms.get(bson.M{"Access": access})
+	return
+}
+
+// GetByRefresh 获取令牌数据
+func (ms *MongoStore) GetByRefresh(refresh string) (info oauth2.TokenInfo, err error) {
+	info, err = ms.get(bson.M{"Refresh": refresh})
+	return
+}

store/token/mongo_test.go

@@ -0,0 +1,51 @@
+package token
+
+import (
+	"testing"
+
+	. "github.com/smartystreets/goconvey/convey"
+)
+
+const (
+	mongoURL = "mongodb://admin:[email protected]:27017"
+)
+
+func TestMongoStore(t *testing.T) {
+	Convey("Test mongo store", t, func() {
+		cfg := &MongoConfig{
+			URL: mongoURL,
+		}
+		store, err := NewMongoStore(cfg)
+		So(err, ShouldBeNil)
+
+		Convey("Test mongo store access", func() {
+			testAccessStore(store)
+		})
+
+		Convey("Test mongo store refresh", func() {
+			testRefreshStore(store)
+		})
+	})
+}
+
+func TestMongoStoreAccessExpired(t *testing.T) {
+	Convey("Test mongo store access token expired", t, func() {
+		cfg := &MongoConfig{
+			URL: mongoURL,
+		}
+		store, err := NewMongoStore(cfg)
+		So(err, ShouldBeNil)
+		testAccessExpired(store)
+	})
+}
+
+func TestMongoStoreRefreshExpired(t *testing.T) {
+	Convey("Test mongo store refresh token expired", t, func() {
+		cfg := &MongoConfig{
+			URL: mongoURL,
+		}
+		store, err := NewMongoStore(cfg)
+		So(err, ShouldBeNil)
+		testRefreshExpired(store)
+	})
+}

store/token/redis_config.go

@@ -2,7 +2,7 @@ package token
 
 import "time"
 
-// RedisConfig Redis配置参数
+// RedisConfig Redis Configuration
 type RedisConfig struct {
 	// The network type, either tcp or unix.
 	// Default is tcp.