// Source: github.com/resonatecoop/id@v1.1.0-43/oauth/grant_type_password.go

package oauth

import (
	"errors"
	"net/http"

	"github.com/resonatecoop/id/oauth/tokentypes"
	"github.com/resonatecoop/user-api/model"
)

// ErrInvalidUsernameOrPassword is the single error passwordGrant returns when
// AuthUser fails, whatever the underlying cause was.
var ErrInvalidUsernameOrPassword = errors.New("Invalid username or password")

// passwordGrant serves the password grant: it resolves the requested scope,
// authenticates the user from the "username" and "password" form fields, logs
// that user in for the given client and wraps the issued tokens in an
// AccessTokenResponse of type tokentypes.Bearer.
//
// r.Form is read directly, so the caller must already have parsed the form;
// on an unparsed request every field reads as "".
//
// NOTE(review): nothing in this function checks that client is allowed to use
// this grant, and nothing limits repeated attempts. Confirm both are enforced
// by the caller or inside AuthUser.
// NOTE(review): the resource owner password credentials grant exposes the
// user's password to the client. RFC 9700 (OAuth 2.0 Security BCP) says it
// must not be used and OAuth 2.1 omits it; prefer authorization code + PKCE
// for new clients.
func (s *Service) passwordGrant(r *http.Request, client *model.Client) (*AccessTokenResponse, error) {
	form := r.Form

	// The scope is resolved before the credentials are looked at, so a scope
	// error is reported without touching the user store.
	scope, err := s.GetScope(form.Get("scope"))
	if err != nil {
		return nil, err
	}

	username, password := form.Get("username"), form.Get("password")
	user, authErr := s.AuthUser(username, password)
	if authErr != nil {
		// One uniform error keeps the response from revealing which of the two
		// fields was wrong.
		// NOTE(review): authErr is dropped here, so any non-credential failure
		// inside AuthUser is also reported as bad credentials. Logging authErr
		// server-side (never the password) would let operators tell an outage
		// from password guessing.
		return nil, ErrInvalidUsernameOrPassword
	}

	// Issue the access and refresh tokens for this client, user and scope.
	access, refresh, err := s.Login(client, user, scope)
	if err != nil {
		return nil, err
	}

	// The lifetime reported to the client comes from the service configuration.
	lifetime := s.cnf.Oauth.AccessTokenLifetime
	resp, err := NewAccessTokenResponse(access, refresh, lifetime, tokentypes.Bearer)
	if err != nil {
		return nil, err
	}

	return resp, nil
}