Add per client authorization if needed.

go-oauth2 · May 2, 2022 · c9f79d9 · c9f79d9
1 parent 446d602
commit c9f79d9
Show file tree

Hide file tree

Showing 4 changed files with 5 additions and 5 deletions.
diff --git a/example/server/server.go b/example/server/server.go
@@ -64,7 +64,7 @@ func main() {
 
 	srv := server.NewServer(server.NewConfig(), manager)
 
-	srv.SetPasswordAuthorizationHandler(func(ctx context.Context, username, password string) (userID string, err error) {
+	srv.SetPasswordAuthorizationHandler(func(ctx context.Context, username, password, clientID string) (userID string, err error) {
 		if username == "test" && password == "test" {
 			userID = "test"
 		}

diff --git a/server/handler.go b/server/handler.go
@@ -23,7 +23,7 @@ type (
 	UserAuthorizationHandler func(w http.ResponseWriter, r *http.Request) (userID string, err error)
 
 	// PasswordAuthorizationHandler get user id from username and password
-	PasswordAuthorizationHandler func(ctx context.Context, username, password string) (userID string, err error)
+	PasswordAuthorizationHandler func(ctx context.Context, username, password, clientID string) (userID string, err error)
 
 	// RefreshingScopeHandler check the scope of the refreshing token
 	RefreshingScopeHandler func(tgr *oauth2.TokenGenerateRequest, oldScope string) (allowed bool, err error)

diff --git a/server/server.go b/server/server.go
@@ -32,7 +32,7 @@ func NewServer(cfg *Config, manager oauth2.Manager) *Server {
 		return "", errors.ErrAccessDenied
 	}
 
-	srv.PasswordAuthorizationHandler = func(ctx context.Context, username, password string) (string, error) {
+	srv.PasswordAuthorizationHandler = func(ctx context.Context, clientID, username, password string) (string, error) {
 		return "", errors.ErrAccessDenied
 	}
 	return srv
@@ -357,7 +357,7 @@ func (s *Server) ValidationTokenRequest(r *http.Request) (oauth2.GrantType, *oau
 			return "", nil, errors.ErrInvalidRequest
 		}
 
-		userID, err := s.PasswordAuthorizationHandler(r.Context(), username, password)
+		userID, err := s.PasswordAuthorizationHandler(r.Context(), username, password, clientID)
 		if err != nil {
 			return "", nil, err
 		} else if userID == "" {

diff --git a/server/server_test.go b/server/server_test.go
@@ -251,7 +251,7 @@ func TestPasswordCredentials(t *testing.T) {
 
 	manager.MapClientStorage(clientStore(""))
 	srv = server.NewDefaultServer(manager)
-	srv.SetPasswordAuthorizationHandler(func(ctx context.Context, username, password string) (userID string, err error) {
+	srv.SetPasswordAuthorizationHandler(func(ctx context.Context, username, password, clientID string) (userID string, err error) {
 		if username == "admin" && password == "123456" {
 			userID = "000000"
 			return