clientcredentials/clientcredentials.go - oauth2 - Git at Google

 // Copyright 2014 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

 // Package clientcredentials implements the OAuth2.0 "client credentials" token flow,
 // also known as the "two-legged OAuth 2.0".
 //
 // This should be used when the client is acting on its own behalf or when the client
 // is the resource owner. It may also be used when requesting access to protected
 // resources based on an authorization previously arranged with the authorization
 // server.
 //
 // See http://tools.ietf.org/html/draft-ietf-oauth-v2-31#section-4.4
 package clientcredentials // import "golang.org/x/oauth2/clientcredentials"

 import (
 	"net/http"
 	"net/url"
 	"strings"

 	"golang.org/x/net/context"
 	"golang.org/x/oauth2"
 	"golang.org/x/oauth2/internal"
 )

 // Config describes a 2-legged OAuth2 flow, with both the
 // client application information and the server's endpoint URLs.
 type Config struct {
 	// ClientID is the application's ID.
 	ClientID string

 	// ClientSecret is the application's secret.
 	ClientSecret string

 	// TokenURL is the resource server's token endpoint
 	// URL. This is a constant specific to each server.
 	TokenURL string

 	// Scope specifies optional requested permissions.
 	Scopes []string
 }

 // Token uses client credentials to retrieve a token.
 // The HTTP client to use is derived from the context.
 // If nil, http.DefaultClient is used.
 func (c *Config) Token(ctx context.Context) (*oauth2.Token, error) {
 	return c.TokenSource(ctx).Token()
 }

 // Client returns an HTTP client using the provided token.
 // The token will auto-refresh as necessary. The underlying
 // HTTP transport will be obtained using the provided context.
 // The returned client and its Transport should not be modified.
 func (c *Config) Client(ctx context.Context) *http.Client {
 	return oauth2.NewClient(ctx, c.TokenSource(ctx))
 }

 // TokenSource returns a TokenSource that returns t until t expires,
 // automatically refreshing it as necessary using the provided context and the
 // client ID and client secret.
 //
 // Most users will use Config.Client instead.
 func (c *Config) TokenSource(ctx context.Context) oauth2.TokenSource {
 	source := &tokenSource{
 		ctx:  ctx,
 		conf: c,
 	}
 	return oauth2.ReuseTokenSource(nil, source)
 }

 type tokenSource struct {
 	ctx  context.Context
 	conf *Config
 }

 // Token refreshes the token by using a new client credentials request.
 // tokens received this way do not include a refresh token
 func (c *tokenSource) Token() (*oauth2.Token, error) {
 	tk, err := internal.RetrieveToken(c.ctx, c.conf.ClientID, c.conf.ClientSecret, c.conf.TokenURL, url.Values{
 		"grant_type": {"client_credentials"},
 		"scope":      internal.CondVal(strings.Join(c.conf.Scopes, " ")),
 	})
 	if err != nil {
 		return nil, err
 	}
 	t := &oauth2.Token{
 		AccessToken:  tk.AccessToken,
 		TokenType:    tk.TokenType,
 		RefreshToken: tk.RefreshToken,
 		Expiry:       tk.Expiry,
 	}
 	return t.WithExtra(tk.Raw), nil
 }
	// Copyright 2014 The Go Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style
	// license that can be found in the LICENSE file.

	// Package clientcredentials implements the OAuth2.0 "client credentials" token flow,
	// also known as the "two-legged OAuth 2.0".
	//
	// This should be used when the client is acting on its own behalf or when the client
	// is the resource owner. It may also be used when requesting access to protected
	// resources based on an authorization previously arranged with the authorization
	// server.
	//
	// See http://tools.ietf.org/html/draft-ietf-oauth-v2-31#section-4.4
	package clientcredentials // import "golang.org/x/oauth2/clientcredentials"

	import (
	"net/http"
	"net/url"
	"strings"

	"golang.org/x/net/context"
	"golang.org/x/oauth2"
	"golang.org/x/oauth2/internal"
	)

	// Config describes a 2-legged OAuth2 flow, with both the
	// client application information and the server's endpoint URLs.
	type Config struct {
	// ClientID is the application's ID.
	ClientID string

	// ClientSecret is the application's secret.
	ClientSecret string

	// TokenURL is the resource server's token endpoint
	// URL. This is a constant specific to each server.
	TokenURL string

	// Scope specifies optional requested permissions.
	Scopes []string
	}

	// Token uses client credentials to retrieve a token.
	// The HTTP client to use is derived from the context.
	// If nil, http.DefaultClient is used.
	func (c Config) Token(ctx context.Context) (oauth2.Token, error) {
	return c.TokenSource(ctx).Token()
	}

	// Client returns an HTTP client using the provided token.
	// The token will auto-refresh as necessary. The underlying
	// HTTP transport will be obtained using the provided context.
	// The returned client and its Transport should not be modified.
	func (c Config) Client(ctx context.Context) http.Client {
	return oauth2.NewClient(ctx, c.TokenSource(ctx))
	}

	// TokenSource returns a TokenSource that returns t until t expires,
	// automatically refreshing it as necessary using the provided context and the
	// client ID and client secret.
	//
	// Most users will use Config.Client instead.
	func (c *Config) TokenSource(ctx context.Context) oauth2.TokenSource {
	source := &tokenSource{
	ctx: ctx,
	conf: c,
	}
	return oauth2.ReuseTokenSource(nil, source)
	}

	type tokenSource struct {
	ctx context.Context
	conf *Config
	}

	// Token refreshes the token by using a new client credentials request.
	// tokens received this way do not include a refresh token
	func (c tokenSource) Token() (oauth2.Token, error) {
	tk, err := internal.RetrieveToken(c.ctx, c.conf.ClientID, c.conf.ClientSecret, c.conf.TokenURL, url.Values{
	"grant_type": {"client_credentials"},
	"scope": internal.CondVal(strings.Join(c.conf.Scopes, " ")),
	})
	if err != nil {
	return nil, err
	}
	t := &oauth2.Token{
	AccessToken: tk.AccessToken,
	TokenType: tk.TokenType,
	RefreshToken: tk.RefreshToken,
	Expiry: tk.Expiry,
	}
	return t.WithExtra(tk.Raw), nil
	}