Add redis token store

Author: LyricTian

generates/access_test.go

@@ -13,8 +13,8 @@ func TestAccess(t *testing.T) {
 	Convey("Test Access Generate", t, func() {
 		data := &oauth2.GenerateBasic{
 			Client: &models.Client{
-				ClientID: "123456",
-				Secret:   "123456",
+				ID:     "123456",
+				Secret: "123456",
 			},
 			UserID:   "000000",
 			CreateAt: time.Now(),

generates/authorize_test.go

@@ -13,8 +13,8 @@ func TestAuthorize(t *testing.T) {
 	Convey("Test Authorize Generate", t, func() {
 		data := &oauth2.GenerateBasic{
 			Client: &models.Client{
-				ClientID: "123456",
-				Secret:   "123456",
+				ID:     "123456",
+				Secret: "123456",
 			},
 			UserID:   "000000",
 			CreateAt: time.Now(),

manage/manager.go

@@ -87,15 +87,15 @@ func (m *Manager) MapTokenGenerate(gen oauth2.AccessGenerate) {
 }
 
 // MapClientStorage 注入客户端信息存储接口
-func (m *Manager) MapClientStorage(stor oauth2.ClientStorage) {
+func (m *Manager) MapClientStorage(stor oauth2.ClientStore) {
 	if stor == nil {
 		panic(ErrNilValue)
 	}
 	m.injector.Map(stor)
 }
 
 // MustClientStorage 强制注入客户端信息存储接口
-func (m *Manager) MustClientStorage(stor oauth2.ClientStorage, err error) {
+func (m *Manager) MustClientStorage(stor oauth2.ClientStore, err error) {
 	if err != nil {
 		panic(err)
 	}
@@ -106,15 +106,15 @@ func (m *Manager) MustClientStorage(stor oauth2.ClientStorage, err error) {
 }
 
 // MapTokenStorage 注入令牌信息存储接口
-func (m *Manager) MapTokenStorage(stor oauth2.TokenStorage) {
+func (m *Manager) MapTokenStorage(stor oauth2.TokenStore) {
 	if stor == nil {
 		panic(ErrNilValue)
 	}
 	m.injector.Map(stor)
 }
 
 // MustTokenStorage 强制注入令牌信息存储接口
-func (m *Manager) MustTokenStorage(stor oauth2.TokenStorage, err error) {
+func (m *Manager) MustTokenStorage(stor oauth2.TokenStore, err error) {
 	if err != nil {
 		panic(err)
 	}
@@ -126,7 +126,7 @@ func (m *Manager) MustTokenStorage(stor oauth2.TokenStorage, err error) {
 
 // GetClient 获取客户端信息
 func (m *Manager) GetClient(clientID string) (cli oauth2.ClientInfo, err error) {
-	err = m.injector.Apply(func(stor oauth2.ClientStorage) {
+	err = m.injector.Apply(func(stor oauth2.ClientStore) {
 		cli, err = stor.GetByID(clientID)
 		if err != nil {
 			return
@@ -148,7 +148,7 @@ func (m *Manager) GenerateAuthToken(rt oauth2.ResponseType, tgr *oauth2.TokenGen
 		err = verr
 		return
 	}
-	_, ierr := m.injector.Invoke(func(ti oauth2.TokenInfo, gen oauth2.AuthorizeGenerate, stor oauth2.TokenStorage) {
+	_, ierr := m.injector.Invoke(func(ti oauth2.TokenInfo, gen oauth2.AuthorizeGenerate, stor oauth2.TokenStore) {
 		td := &oauth2.GenerateBasic{
 			Client:   cli,
 			UserID:   tgr.UserID,
@@ -191,7 +191,12 @@ func (m *Manager) GenerateAccessToken(gt oauth2.GrantType, tgr *oauth2.TokenGene
 		} else if ti.GetRedirectURI() != tgr.RedirectURI || ti.GetClientID() != tgr.ClientID {
 			err = ErrAuthTokenInvalid
 			return
+		} else if verr := m.RemoveAccessToken(tgr.Code); verr != nil { // 删除授权码
+			err = verr
+			return
 		}
+		tgr.UserID = ti.GetUserID()
+		tgr.Scope = ti.GetScope()
 	}
 	cli, err := m.GetClient(tgr.ClientID)
 	if err != nil {
@@ -200,7 +205,7 @@ func (m *Manager) GenerateAccessToken(gt oauth2.GrantType, tgr *oauth2.TokenGene
 		err = ErrClientInvalid
 		return
 	}
-	_, ierr := m.injector.Invoke(func(ti oauth2.TokenInfo, gen oauth2.AccessGenerate, stor oauth2.TokenStorage) {
+	_, ierr := m.injector.Invoke(func(ti oauth2.TokenInfo, gen oauth2.AccessGenerate, stor oauth2.TokenStore) {
 		td := &oauth2.GenerateBasic{
 			Client:   cli,
 			UserID:   tgr.UserID,
@@ -242,7 +247,7 @@ func (m *Manager) RefreshAccessToken(refresh, scope string) (token string, err e
 	if err != nil {
 		return
 	}
-	_, ierr := m.injector.Invoke(func(stor oauth2.TokenStorage, gen oauth2.AccessGenerate) {
+	_, ierr := m.injector.Invoke(func(stor oauth2.TokenStore, gen oauth2.AccessGenerate) {
 		cli, cerr := m.GetClient(ti.GetClientID())
 		if cerr != nil {
 			err = cerr
@@ -285,7 +290,7 @@ func (m *Manager) RemoveAccessToken(access string) (err error) {
 		err = ErrAccessInvalid
 		return
 	}
-	_, ierr := m.injector.Invoke(func(stor oauth2.TokenStorage) {
+	_, ierr := m.injector.Invoke(func(stor oauth2.TokenStore) {
 		err = stor.RemoveByAccess(access)
 	})
 	if ierr != nil && err == nil {
@@ -300,7 +305,7 @@ func (m *Manager) RemoveRefreshToken(refresh string) (err error) {
 		err = ErrAccessInvalid
 		return
 	}
-	_, ierr := m.injector.Invoke(func(stor oauth2.TokenStorage) {
+	_, ierr := m.injector.Invoke(func(stor oauth2.TokenStore) {
 		err = stor.RemoveByRefresh(refresh)
 	})
 	if ierr != nil && err == nil {
@@ -315,7 +320,7 @@ func (m *Manager) LoadAccessToken(access string) (info oauth2.TokenInfo, err err
 		err = ErrAccessInvalid
 		return
 	}
-	_, ierr := m.injector.Invoke(func(stor oauth2.TokenStorage) {
+	_, ierr := m.injector.Invoke(func(stor oauth2.TokenStore) {
 		ct := time.Now()
 		ti, terr := stor.GetByAccess(access)
 		if terr != nil {
@@ -355,7 +360,7 @@ func (m *Manager) LoadRefreshToken(refresh string) (info oauth2.TokenInfo, err e
 		err = ErrRefreshInvalid
 		return
 	}
-	_, ierr := m.injector.Invoke(func(stor oauth2.TokenStorage) {
+	_, ierr := m.injector.Invoke(func(stor oauth2.TokenStore) {
 		ti, terr := stor.GetByRefresh(refresh)
 		if terr != nil {
 			err = terr

model.go

@@ -12,8 +12,8 @@ type (
 		GetSecret() string
 		// 客户端域名URL
 		GetDomain() string
-		// Other data
-		GetOtherData() interface{}
+		// 用户数据
+		GetUserData() interface{}
 	}
 
 	// TokenInfo 令牌信息模型接口

models/client.go

@@ -2,14 +2,14 @@ package models
 
 // Client 客户端信息
 type Client struct {
-	ClientID string // 客户端ID
-	Secret   string // 密钥
-	Domain   string // 域名url
+	ID     string // 客户端ID
+	Secret string // 密钥
+	Domain string // 域名url
 }
 
 // GetID 客户端ID
 func (c *Client) GetID() string {
-	return c.ClientID
+	return c.ID
 }
 
 // GetSecret 客户端秘钥
@@ -22,7 +22,7 @@ func (c *Client) GetDomain() string {
 	return c.Domain
 }
 
-// GetOtherData Other data
-func (c *Client) GetOtherData() interface{} {
+// GetUserData 用户数据
+func (c *Client) GetUserData() interface{} {
 	return nil
 }

storages/.gitkeep

@@ -2,14 +2,14 @@ package oauth2
 
 // 提供存储接口
 type (
-	// ClientStorage 客户端信息存储接口
-	ClientStorage interface {
+	// ClientStore 客户端信息存储接口
+	ClientStore interface {
 		// GetByID 根据ID获取客户端信息
 		GetByID(id string) (ClientInfo, error)
 	}
 
-	// TokenStorage 令牌信息存储接口
-	TokenStorage interface {
+	// TokenStore 令牌信息存储接口
+	TokenStore interface {
 		// Create 创建并存储新的令牌信息
 		Create(info TokenInfo) error
 
@@ -19,9 +19,6 @@ type (
 		// RemoveByRefresh 使用更新令牌删除令牌信息
 		RemoveByRefresh(refresh string) error
 
-		// 使用访问令牌取出令牌信息数据(获取并删除)
-		TakeByAccess(access string) (TokenInfo, error)
-
 		// 使用访问令牌获取令牌信息数据
 		GetByAccess(access string) (TokenInfo, error)
 

storage.go store.gostorage.go renamed to store.go

@@ -0,0 +1,36 @@
+package client
+
+import (
+	"errors"
+
+	"gopkg.in/oauth2.v2"
+	"gopkg.in/oauth2.v2/models"
+)
+
+// NewTempStore 创建客户端临时存储实例
+func NewTempStore() oauth2.ClientStore {
+	return &TempStore{
+		data: map[string]*models.Client{
+			"1": &models.Client{
+				ID:     "1",
+				Secret: "11",
+				Domain: "http://localhost",
+			},
+		},
+	}
+}
+
+// TempStore 客户端信息的临时存储
+type TempStore struct {
+	data map[string]*models.Client
+}
+
+// GetByID 获取客户端信息
+func (ts *TempStore) GetByID(id string) (cli oauth2.ClientInfo, err error) {
+	if c, ok := ts.data[id]; ok {
+		cli = c
+		return
+	}
+	err = errors.New("not found")
+	return
+}

store/client/temp.go

@@ -0,0 +1,120 @@
+package token
+
+import (
+	"encoding/json"
+
+	"gopkg.in/oauth2.v2"
+	"gopkg.in/oauth2.v2/models"
+	"gopkg.in/redis.v4"
+)
+
+// NewRedisStore 创建redis存储的实例
+func NewRedisStore(cfg *RedisConfig) (store oauth2.TokenStore, err error) {
+	opt := &redis.Options{
+		Network:      cfg.Network,
+		Addr:         cfg.Addr,
+		Password:     cfg.Password,
+		DB:           cfg.DB,
+		MaxRetries:   cfg.MaxRetries,
+		DialTimeout:  cfg.DialTimeout,
+		ReadTimeout:  cfg.ReadTimeout,
+		WriteTimeout: cfg.WriteTimeout,
+		PoolSize:     cfg.PoolSize,
+		PoolTimeout:  cfg.PoolTimeout,
+	}
+	cli := redis.NewClient(opt)
+	if verr := cli.Ping().Err(); verr != nil {
+		err = verr
+		return
+	}
+	store = &RedisStore{cli: cli}
+	return
+}
+
+// RedisStore 令牌的redis存储
+type RedisStore struct {
+	cli *redis.Client
+}
+
+// Create 存储令牌信息
+func (rs *RedisStore) Create(info oauth2.TokenInfo) (err error) {
+	jv, err := json.Marshal(info)
+	if err != nil {
+		return
+	}
+	pipe := rs.cli.Pipeline()
+
+	aexp := info.GetAccessExpiresIn()
+	if refresh := info.GetRefresh(); refresh != "" {
+		exp := info.GetRefreshExpiresIn()
+		ttl := rs.cli.TTL(refresh)
+		if verr := ttl.Err(); verr != nil {
+			err = verr
+			return
+		}
+		if v := ttl.Val(); v.Seconds() > 0 {
+			exp = v
+		}
+		if aexp.Seconds() > exp.Seconds() {
+			aexp = exp
+		}
+		pipe.Set(refresh, jv, exp)
+	}
+	pipe.Set(info.GetAccess(), jv, aexp)
+
+	if _, verr := pipe.Exec(); verr != nil {
+		err = verr
+	}
+	return
+}
+
+// remove
+func (rs *RedisStore) remove(key string) (err error) {
+	del := rs.cli.Del(key)
+	if verr := del.Err(); verr != nil {
+		err = verr
+	}
+	return
+}
+
+// RemoveByAccess 移除令牌
+func (rs *RedisStore) RemoveByAccess(access string) (err error) {
+	err = rs.remove(access)
+	return
+}
+
+// RemoveByRefresh 移除令牌
+func (rs *RedisStore) RemoveByRefresh(refresh string) (err error) {
+	err = rs.remove(refresh)
+	return
+}
+
+func (rs *RedisStore) get(key string) (ti oauth2.TokenInfo, err error) {
+	gv, gerr := rs.cli.Get(key).Result()
+	if gerr != nil {
+		if gerr == redis.Nil {
+			return
+		}
+		err = gerr
+		return
+	}
+	var tm models.Token
+	if verr := json.Unmarshal([]byte(gv), &tm); verr != nil {
+		err = verr
+		return
+	}
+	ti = &tm
+	return
+}
+
+// GetByAccess 获取令牌数据
+func (rs *RedisStore) GetByAccess(access string) (ti oauth2.TokenInfo, err error) {
+	ti, err = rs.get(access)
+	return
+}
+
+// GetByRefresh 获取令牌数据
+func (rs *RedisStore) GetByRefresh(refresh string) (ti oauth2.TokenInfo, err error) {
+	ti, err = rs.get(refresh)
+	return
+}