OAuth2 provider: support for granular scopes
- `CheckOAuthAccessToken` returns both user ID and additional scopes - `grantAdditionalScopes` returns AccessTokenScope ready string (grantScopes) compiled from requested additional scopes by the client - `userIDFromToken` sets returned grantScopes (if any) instead of default `all`
This commit is contained in:
Marcell Mars
parent
3301e7dc75
commit
4eb8d8c496
4 changed files with 76 additions and 26 deletions
|
|
@ -72,7 +72,7 @@ func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore
|
|||
}
|
||||
|
||||
// check oauth2 token
|
||||
uid := CheckOAuthAccessToken(req.Context(), authToken)
|
||||
uid, _ := CheckOAuthAccessToken(req.Context(), authToken)
|
||||
if uid != 0 {
|
||||
log.Trace("Basic Authorization: Valid OAuthAccessToken for user[%d]", uid)
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue