oauth2
oauth2 copied to clipboard
go-oauth2
OAuth 2.0 server library for the Go programming language.
I am wondering if you guys support multiple redirect uris? When configuring a oauth2 client it is desirable that different domains can access the same service using the same client...
https://github.com/go-oauth2/oauth2/blob/master/store/client.go There is no method provided to clean up the specified clientid in the clientstore. How can I clean it up? Continuously adding clientid to clientstore will cause a lot...
if the sso url is : http://XXXX/#/sso will return redirecturi: http://XXXX/?code=ODLMMGNJYTCTNWRJMY0ZZDBKLWE0YJMTYJU0MDUWNTE5ZJM2#/sso maybe java vue app always use this url with "#"
[OIDC IDToken](https://openid.net/specs/openid-connect-core-1_0.html#IDToken) need nonce claim, which is passed through unmodified from the Authentication Request. add extenstion in Token and extractExtension in Manager, store extension in token.
After embedding go-ouath2 into a server writing test-cases to validate the integration is functioning as expected, particularly in terms of token expiry is very difficult as the library contains many...
Bumps gopkg.in/yaml.v3 from 3.0.0-20200615113413-eeeca48fe776 to 3.0.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
If multiple users are ddoing oauth at same time, does this mean this `store.Set("LoggedInUserID", r.Form.Get("username"))` will retrieve username of the most current user?,; what will happen to the previous user??...
我使用最新版的go-zero开发了go微服务,服务如下: account-api admin-api go-oauth2是集成在account-api端的,按照官方的文档已经成功集成,现在的问题是, 在前端(vue开发的前端)访问account-api/account/info接口 这个接口使用下面的代码验证前端携带的token,可以正常验证并通过 ``` token, err := svcCtx.Oauth2Res.CheckToken(w, r) if err != nil { return } ``` CheckToken的封装是根据[https://github.com/llaoj/oauth2nsso/blob/master/main.go#L273C8-L273C8](url)进行的 现在在前端使用同样的请求头请求admin-api/system/info接口,接口使用同样的代码 ``` token, err := svcCtx.Oauth2Res.CheckToken(w, r) if err...
Sending client ID and client secret in the URL as query params is less secure than putting them in headers. The querystring is encrypted with SSL, but URLs are stored...
Hi, I am using oauth2 as an authorization server to secure a microservices based app, doing like so I needed the *oauth2.Token to be returned as a payload(instead of being...
