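// Source: github.com/Axway/agent-sdk@v1.1.101/pkg/authz/oauth/clientsecretjwtauthenticator.go

package oauth

import (
	"errors"
	"net/url"
	"time"

	"github.com/golang-jwt/jwt"
	"github.com/google/uuid"
)

// clientSecretJwtAuthenticator builds the form parameters for a
// client-credentials token request in which the client authenticates with a
// JWT assertion signed using its client secret.
//
// The client secret is the signing key, so it must never be logged or placed
// in error messages.
type clientSecretJwtAuthenticator struct {
	clientID      string // sent as the metaClientID form value and used as the "sub" claim
	clientSecret  string // raw bytes of this string are the signing key
	scope         string // optional; added under metaScope only when non-empty
	issuer        string // "iss" claim of the assertion
	aud           string // "aud" claim of the assertion
	signingMethod string // passed to getSigningMethod together with jwt.SigningMethodHS256
}

// prepareInitialToken builds and signs the JWT client assertion sent with an
// access-token request.
//
// The assertion expires 60 seconds after it is issued and carries a fresh
// random UUID as its "jti" claim, so each request uses a distinct,
// short-lived assertion.
//
// It returns an error when the client secret is empty or when signing fails.
//
// NOTE(review): OpenID Connect Core expects "iss" to equal the client_id for
// client authentication, and RFC 7523 expects "aud" to identify the
// authorization server. Neither p.issuer nor p.aud is validated here;
// confirm the caller sets them accordingly.
//
// NOTE(review): getSigningMethod is defined elsewhere. client_secret_jwt is
// only meaningful with an HMAC method; confirm the helper cannot resolve to
// anything else for this authenticator.
func (p *clientSecretJwtAuthenticator) prepareInitialToken() (string, error) {
	// Fail closed: an empty HMAC key would still produce a syntactically
	// valid signature, hiding a configuration error behind a server-side
	// rejection (or, worse, an acceptance by a misconfigured server).
	if p.clientSecret == "" {
		return "", errors.New("oauth: client secret is empty, refusing to sign client assertion")
	}

	const lifetime = 60 * time.Second

	issuedAt := time.Now()
	claims := jwt.StandardClaims{
		Issuer:    p.issuer,
		Subject:   p.clientID,
		Audience:  p.aud,
		ExpiresAt: issuedAt.Add(lifetime).Unix(),
		IssuedAt:  issuedAt.Unix(),
		Id:        uuid.New().String(),
	}

	method := getSigningMethod(p.signingMethod, jwt.SigningMethodHS256)
	return jwt.NewWithClaims(method, claims).SignedString([]byte(p.clientSecret))
}

// prepareRequest returns the form values for the token request: the grant
// type, the client ID, the assertion type and the signed assertion, plus the
// scope when one is configured. The second result is always nil for this
// authenticator. An error is returned only when the assertion cannot be
// produced.
func (p *clientSecretJwtAuthenticator) prepareRequest() (url.Values, map[string]string, error) {
	assertion, err := p.prepareInitialToken()
	if err != nil {
		return nil, nil, err
	}

	form := url.Values{
		metaGrantType:           []string{GrantTypeClientCredentials},
		metaClientID:            []string{p.clientID},
		metaClientAssertionType: []string{assertionTypeJWT},
		metaClientAssertion:     []string{assertion},
	}

	if p.scope != "" {
		form.Add(metaScope, p.scope)
	}
	return form, nil, nil
}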