本文整理匯總了Golang中github.com/ory-am/fosite.AccessRequester.GetRequestedScopes方法的典型用法代碼示例。如果您正苦於以下問題:Golang AccessRequester.GetRequestedScopes方法的具體用法?Golang AccessRequester.GetRequestedScopes怎麽用?Golang AccessRequester.GetRequestedScopes使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類github.com/ory-am/fosite.AccessRequester的用法示例。
在下文中一共展示了AccessRequester.GetRequestedScopes方法的2個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Golang代碼示例。
示例1: HandleTokenEndpointRequest
// HandleTokenEndpointRequest implements https://tools.ietf.org/html/rfc6749#section-4.3.2
func (c *ResourceOwnerPasswordCredentialsGrantHandler) HandleTokenEndpointRequest(ctx context.Context, req *http.Request, request fosite.AccessRequester) error {
// grant_type REQUIRED.
// Value MUST be set to "password".
if !request.GetGrantTypes().Exact("password") {
return errors.Wrap(fosite.ErrUnknownRequest, "")
}
if !request.GetClient().GetGrantTypes().Has("password") {
return errors.Wrap(fosite.ErrInvalidGrant, "The client is not allowed to use grant type password")
}
username := req.PostForm.Get("username")
password := req.PostForm.Get("password")
if username == "" || password == "" {
return errors.Wrap(fosite.ErrInvalidRequest, "Username or password missing")
} else if err := c.ResourceOwnerPasswordCredentialsGrantStorage.Authenticate(ctx, username, password); errors.Cause(err) == fosite.ErrNotFound {
return errors.Wrap(fosite.ErrInvalidRequest, err.Error())
} else if err != nil {
return errors.Wrap(fosite.ErrServerError, err.Error())
}
client := request.GetClient()
for _, scope := range request.GetRequestedScopes() {
if !c.ScopeStrategy(client.GetScopes(), scope) {
return errors.Wrap(fosite.ErrInvalidScope, fmt.Sprintf("The client is not allowed to request scope %s", scope))
}
}
// Credentials must not be passed around, potentially leaking to the database!
delete(request.GetRequestForm(), "password")
return nil
}示例2: HandleTokenEndpointRequest
// IntrospectTokenEndpointRequest implements https://tools.ietf.org/html/rfc6749#section-4.4.2
func (c *ClientCredentialsGrantHandler) HandleTokenEndpointRequest(_ context.Context, r *http.Request, request fosite.AccessRequester) error {
// grant_type REQUIRED.
// Value MUST be set to "client_credentials".
if !request.GetGrantTypes().Exact("client_credentials") {
return errors.Wrap(fosite.ErrUnknownRequest, "")
}
client := request.GetClient()
for _, scope := range request.GetRequestedScopes() {
if !c.ScopeStrategy(client.GetScopes(), scope) {
return errors.Wrap(fosite.ErrInvalidScope, fmt.Sprintf("The client is not allowed to request scope %s", scope))
}
}
// The client MUST authenticate with the authorization server as described in Section 3.2.1.
// This requirement is already fulfilled because fosite requries all token requests to be authenticated as described
// in https://tools.ietf.org/html/rfc6749#section-3.2.1
if client.IsPublic() {
return errors.Wrap(fosite.ErrInvalidGrant, "The client is public and thus not allowed to use grant type client_credentials")
}
// if the client is not public, he has already been authenticated by the access request handler.
request.GetSession().SetExpiresAt(fosite.AccessToken, time.Now().Add(c.AccessTokenLifespan))
return nil
}