Why the new version didn't have the authorize address. that is, there is no request to get a code

g.GET("/authorize", func(c *gin.Context) {
.....................
....................
ginserver.HandleAuthorizeRequest(c)
})

I am trying to use the password grant to login the user. The API hosts both oauth2 server and resource api in same backend api.

When I send the POST request to /token, I get the below response. I am using the default example that is provided for now but I'm using the password grant instead of client_credentials grant.

{
    "error": "access_denied",
    "error_description": "The resource owner or authorization server denied the request"
}

I am trying to set UserID while doing clientStore.Set to get back UserID from c.Get(ginserver.DefaultConfig.TokenKey)

err := clientStore.Set(client_id, &models.Client{
		ID:     client_id,
		Secret: client_secret,
		Domain: "http://localhost:8000",
		UserID: user_id.String(),
	})

But c.Get(ginserver.DefaultConfig.TokenKey) returns blank UserID anyway.

After reading the README of this repo, it is not clear to me what it takes to use this library together with an external authorisation server; in my case it must be GitHub.

What it looks to me is that the example provided uses the Go/Gin back-end on which this library runs as both OAuth authorisation server and resource server.

Question is: where should I put the specific GitHub URL's so that my resource server asks GitHub to:

• authenticate the user
• produce the token from the temporary code

In some other implementations (e.g. http://www.passportjs.org/) there is some "strategy" that must be provided so that the authorisation server is at GitHub, Google or similar.

Thank you for your attention.

Is it possible to upgrade the gin-server version to v4?

Hi, I have this error of compatibility with gin but I have no idea what is happening here. I saw that in the code, a wrapped function is used, why is it that way and how can I patch it from my side?

./server.go:37: cannot use "github.com/go-oauth2/gin-server".HandleTokenRequest (type func(*"github.com/gin-gonic/gin".Context)) as type "github.com/adriendomoison/default_app/vendor/github.com/gin-gonic/gin".HandlerFunc in argument to auth.GET
./server.go:42: cannot use "github.com/go-oauth2/gin-server".HandleTokenVerify() (type "github.com/gin-gonic/gin".HandlerFunc) as type "github.com/adriendomoison/default_app/vendor/github.com/gin-gonic/gin".HandlerFunc in argument to api.Use

thanks !

So I'm working on an authentication system for users. I want to allow my users to create OAuth apps sorta like how GitHub does it in their developer section. Where the user can create the application, with register they get the client id and client secret. So I have functionality that will generate a client id and client secret with refresh/ revoke. What I'm wondering is how to take your example and make it database driven. Could you provide some guidance ?

Hi, how to set client id and secret client as dynamic?

Any plans to update this package to use v4 of the oauth2 server?

Hi!

I was wondering if you could provide an example on how I use gin-server with form based user/password authentication. I can't seem to get it work...

        manager := manage.NewDefaultManager()

	// token store
	manager.MustTokenStorage(store.NewFileTokenStore("data.db"))

	// client store
	clientStore := store.NewClientStore()
	clientStore.Set(cid, &models.Client{
		ID:     cid,
		Secret: secret,
		Domain: "http://arbitraryaudience",
	})
	manager.MapClientStorage(clientStore)

	// Initialize the oauth2 service
	ginserver.InitServer(manager)
	ginserver.SetAllowGetAccessRequest(true)
	ginserver.SetClientInfoHandler(server.ClientFormHandler)
	ginserver.SetPasswordAuthorizationHandler(server.PasswordAuthorizationHandler)

But that brings the error type server.PasswordAuthorizationHandler is not an expression

I wonder how I would basically follow https://github.com/go-oauth2/oauth2/tree/master/example and then/or lastly how I would be able to modify the way how the password is saved in the database, e.g. do some more operations like login/lookup with additional modifications via https://gowebexamples.com/password-hashing/ e.g.

If you could provide me with any examples or point me into the right directions I would be very thankful.

Keep up the great work!

hi,
I got following compile error:

github.com/go-oauth2/gin-server

src/github.com/go-oauth2/gin-server/server.go:17:19: manager.CheckInterface undefined (type oauth2.Manager has no field or method CheckInterface)

Is there something I missed?
thanks
tao

store.NewTestClientStore() not find();

我搬过来
clientStore := store.NewClientStore()
clientStore.Set("000000", &models.Client{
ID: "000000",
Secret: "999999",
Domain: "http://localhost",
})
manager.MapClientStorage(clientStore)

找个之后走的通，但是允许
http://localhost:9096/token?grant_type=client_credentials&client_id=000000&client_secret=000000&scope=read
会错误！请求把demo写的在详细一点点！

When I'm trying to pass invalid access_token to my middleware, I get blank on postman and 500 on console.

[GIN] 2019/03/22 - 23:52:52 | 500 |      11.702µs |             ::1 | GET      /api/v1/auth/?access_token=asdasdasdasd
Error #01: invalid access token

How do i change the DefaultConfig, to send 401 with invalid token.

As far as I can see there is no code challenge available in this package altough go-oauth2/oauth2 provides it.

Can someone explain me how to use it inside this package or provide a statement if this feature will be added in future?

Thanks in advance.