M client.go => client.go +14 -6
@@ 71,8 71,8 @@ func (c *Client) AuthorizationCodeURL(options *AuthorizationOptions) string {
if c.RedirectURI != "" {
q.Set("redirect_uri", c.RedirectURI)
}
- if options.Scope != "" {
- q.Set("scope", options.Scope)
+ if len(options.Scope) > 0 {
+ q.Set("scope", strings.Join(options.Scope, " "))
}
if options.State != "" {
q.Set("state", options.State)
@@ 129,7 129,8 @@ func (c *Client) doToken(params url.Values) (*TokenResp, error) {
var data struct {
TokenResp
- ExpiresIn int64 `json:"expires_in"`
+ ExpiresIn int64 `json:"expires_in"`
+ ScopeStr string `json:"scope"`
}
if err := c.doJSON(req, &data); err != nil {
return nil, err
@@ 138,6 139,9 @@ func (c *Client) doToken(params url.Values) (*TokenResp, error) {
if data.ExpiresIn > 0 {
data.ExpiresAt = time.Now().Add(time.Duration(data.ExpiresIn) * time.Second)
}
+ if data.ScopeStr != "" {
+ data.Scope = strings.Split(data.ScopeStr, " ")
+ }
data.TokenType = strings.ToLower(data.TokenType)
return &data.TokenResp, nil
}
@@ 210,14 214,18 @@ func (c *Client) Introspect(token string) (*IntrospectionResp, error) {
var data struct {
IntrospectionResp
- Exp int64 `json:"exp"`
- Iat int64 `json:"iat"`
- Nbf int64 `json:"nbf"`
+ ScopeStr string `json:"scope"`
+ Exp int64 `json:"exp"`
+ Iat int64 `json:"iat"`
+ Nbf int64 `json:"nbf"`
}
if err := c.doJSON(req, &data); err != nil {
return nil, err
}
+ if data.ScopeStr != "" {
+ data.Scope = strings.Split(data.ScopeStr, " ")
+ }
if data.Exp > 0 {
data.ExpiresAt = time.Unix(data.Exp, 0)
}
M device.go => device.go +4 -3
@@ 3,12 3,13 @@ package oauth2
import (
"errors"
"net/url"
+ "strings"
"time"
)
// DeviceAuthOptions are optional parameters for the device authorisation endpoint.
type DeviceAuthOptions struct {
- Scope string
+ Scope []string
}
// DeviceAuthResp contains the data returned by the device authorisation endpoint.
@@ 27,8 28,8 @@ type DeviceAuthResp struct {
func (c *Client) DeviceAuth(options *DeviceAuthOptions) (*DeviceAuthResp, error) {
q := make(url.Values)
q.Set("client_id", c.ClientID)
- if options.Scope != "" {
- q.Set("scope", options.Scope)
+ if len(options.Scope) > 0 {
+ q.Set("scope", strings.Join(options.Scope, " "))
}
req, err := c.newFormURLEncodedRequest(c.Server.DeviceAuthorizationEndpoint, q)
M oauth2.go => oauth2.go +4 -4
@@ 51,7 51,7 @@ type ClientMetadata struct {
ClientName string `json:"client_name,omitempty"`
ClientURI string `json:"client_uri,omitempty"`
LogoURI string `json:"logo_uri,omitempty"`
- Scope string `json:"scope,omitempty"`
+ Scope []string `json:"-"`
Contacts []string `json:"contacts,omitempty"`
TOSURI string `json:"tos_uri,omitempty"`
PolicyURI string `json:"policy_uri,omitempty"`
@@ 118,7 118,7 @@ type TokenResp struct {
TokenType string `json:"token_type"`
ExpiresAt time.Time `json:"-"`
RefreshToken string `json:"refresh_token,omitempty"`
- Scope string `json:"scope,omitempty"`
+ Scope []string `json:"-"`
}
// SetAuthHeader set OAuth 2.0 credentials on an HTTP request header.
@@ 129,7 129,7 @@ func (tr *TokenResp) SetAuthHeader(h http.Header) {
// AuthorizationOptions are optional parameters for the authorization endpoint.
type AuthorizationOptions struct {
- Scope string
+ Scope []string
State string
}
@@ 163,7 163,7 @@ func ParseAuthorizationResp(u *url.URL) (*AuthorizationResp, error) {
// IntrospectionResp contains the data returned by the introspection endpoint.
type IntrospectionResp struct {
Active bool `json:"active"`
- Scope string `json:"scope,omitempty"`
+ Scope []string `json:"-"`
ClientID string `json:"client_id,omitempty"`
Username string `json:"username,omitempty"`
TokenType string `json:"token_type,omitempty"`