github.com/RichardKnop/Go-oauth2-server@v1.0.1/oauth/grant_type_password.go (about)

     1  package oauth
     2  
     3  import (
     4  	"errors"
     5  	"net/http"
     6  
     7  	"github.com/RichardKnop/go-oauth2-server/models"
     8  	"github.com/RichardKnop/go-oauth2-server/oauth/tokentypes"
     9  )
    10  
// ErrInvalidUsernameOrPassword is the single error passwordGrant returns when
// user authentication fails. The message is deliberately generic: it does not
// say whether the username or the password was the value that was rejected.
var ErrInvalidUsernameOrPassword = errors.New("Invalid username or password")
    15  
// passwordGrant handles the resource owner password credentials grant. It
// resolves the requested scope, authenticates the user from the "username"
// and "password" form values, logs that user in for the given client and
// wraps the resulting tokens in a bearer AccessTokenResponse.
//
// Errors from GetScope, Login and NewAccessTokenResponse are returned as they
// are. Any error from AuthUser is replaced by ErrInvalidUsernameOrPassword.
//
// NOTE(review): the values are read from r.Form, which net/http fills from
// the URL query string as well as from the request body. Credentials sent as
// query parameters would therefore be accepted here unless the caller rejects
// them first, and query strings commonly end up in access logs. Confirm
// against the handler. r.Form is also only populated once the form has been
// parsed; presumably the caller does that. Confirm.
//
// NOTE(review): no attempt limiting and no check that this client may use the
// password grant is visible in this function. Confirm that both are enforced
// by the caller or inside AuthUser.
func (s *Service) passwordGrant(r *http.Request, client *models.OauthClient) (*AccessTokenResponse, error) {
	form := r.Form

	// Resolve the requested scope first; a scope error is reported unchanged.
	grantedScope, err := s.GetScope(form.Get("scope"))
	if err != nil {
		return nil, err
	}

	// Check the submitted credentials.
	account, authErr := s.AuthUser(form.Get("username"), form.Get("password"))
	if authErr != nil {
		// Every AuthUser failure is reported with the same generic error, so
		// the message never reveals which value was wrong. The original error
		// is discarded here, so any other failure inside AuthUser looks the
		// same to the caller as a bad credential.
		return nil, ErrInvalidUsernameOrPassword
	}

	// Issue the access and refresh tokens for this client, user and scope.
	access, refresh, err := s.Login(client, account, grantedScope)
	if err != nil {
		return nil, err
	}

	// Build the token response using the configured access token lifetime.
	resp, err := NewAccessTokenResponse(
		access,
		refresh,
		s.cnf.Oauth.AccessTokenLifetime,
		tokentypes.Bearer,
	)
	if err != nil {
		return nil, err
	}
	return resp, nil
}