vendor/golang.org/x/oauth2/token.go - voltctl - Gitiles

 // Copyright 2014 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

 package oauth2

 import (
 	"context"
 	"fmt"
 	"net/http"
 	"net/url"
 	"strconv"
 	"strings"
 	"time"

 	"golang.org/x/oauth2/internal"
 )

 // expiryDelta determines how earlier a token should be considered
 // expired than its actual expiration time. It is used to avoid late
 // expirations due to client-server time mismatches.
 const expiryDelta = 10 * time.Second

 // Token represents the credentials used to authorize
 // the requests to access protected resources on the OAuth 2.0
 // provider's backend.
 //
 // Most users of this package should not access fields of Token
 // directly. They're exported mostly for use by related packages
 // implementing derivative OAuth2 flows.
 type Token struct {
 	// AccessToken is the token that authorizes and authenticates
 	// the requests.
 	AccessToken string `json:"access_token"`

 	// TokenType is the type of token.
 	// The Type method returns either this or "Bearer", the default.
 	TokenType string `json:"token_type,omitempty"`

 	// RefreshToken is a token that's used by the application
 	// (as opposed to the user) to refresh the access token
 	// if it expires.
 	RefreshToken string `json:"refresh_token,omitempty"`

 	// Expiry is the optional expiration time of the access token.
 	//
 	// If zero, TokenSource implementations will reuse the same
 	// token forever and RefreshToken or equivalent
 	// mechanisms for that TokenSource will not be used.
 	Expiry time.Time `json:"expiry,omitempty"`

 	// raw optionally contains extra metadata from the server
 	// when updating a token.
 	raw interface{}
 }

 // Type returns t.TokenType if non-empty, else "Bearer".
 func (t *Token) Type() string {
 	if strings.EqualFold(t.TokenType, "bearer") {
 		return "Bearer"
 	}
 	if strings.EqualFold(t.TokenType, "mac") {
 		return "MAC"
 	}
 	if strings.EqualFold(t.TokenType, "basic") {
 		return "Basic"
 	}
 	if t.TokenType != "" {
 		return t.TokenType
 	}
 	return "Bearer"
 }

 // SetAuthHeader sets the Authorization header to r using the access
 // token in t.
 //
 // This method is unnecessary when using Transport or an HTTP Client
 // returned by this package.
 func (t *Token) SetAuthHeader(r *http.Request) {
 	r.Header.Set("Authorization", t.Type()+" "+t.AccessToken)
 }

 // WithExtra returns a new Token that's a clone of t, but using the
 // provided raw extra map. This is only intended for use by packages
 // implementing derivative OAuth2 flows.
 func (t *Token) WithExtra(extra interface{}) *Token {
 	t2 := new(Token)
 	*t2 = *t
 	t2.raw = extra
 	return t2
 }

 // Extra returns an extra field.
 // Extra fields are key-value pairs returned by the server as a
 // part of the token retrieval response.
 func (t *Token) Extra(key string) interface{} {
 	if raw, ok := t.raw.(map[string]interface{}); ok {
 		return raw[key]
 	}

 	vals, ok := t.raw.(url.Values)
 	if !ok {
 		return nil
 	}

 	v := vals.Get(key)
 	switch s := strings.TrimSpace(v); strings.Count(s, ".") {
 	case 0: // Contains no "."; try to parse as int
 		if i, err := strconv.ParseInt(s, 10, 64); err == nil {
 			return i
 		}
 	case 1: // Contains a single "."; try to parse as float
 		if f, err := strconv.ParseFloat(s, 64); err == nil {
 			return f
 		}
 	}

 	return v
 }

 // timeNow is time.Now but pulled out as a variable for tests.
 var timeNow = time.Now

 // expired reports whether the token is expired.
 // t must be non-nil.
 func (t *Token) expired() bool {
 	if t.Expiry.IsZero() {
 		return false
 	}
 	return t.Expiry.Round(0).Add(-expiryDelta).Before(timeNow())
 }

 // Valid reports whether t is non-nil, has an AccessToken, and is not expired.
 func (t *Token) Valid() bool {
 	return t != nil && t.AccessToken != "" && !t.expired()
 }

 // tokenFromInternal maps an *internal.Token struct into
 // a *Token struct.
 func tokenFromInternal(t *internal.Token) *Token {
 	if t == nil {
 		return nil
 	}
 	return &Token{
 		AccessToken:  t.AccessToken,
 		TokenType:    t.TokenType,
 		RefreshToken: t.RefreshToken,
 		Expiry:       t.Expiry,
 		raw:          t.Raw,
 	}
 }

 // retrieveToken takes a *Config and uses that to retrieve an *internal.Token.
 // This token is then mapped from *internal.Token into an *oauth2.Token which is returned along
 // with an error..
 func retrieveToken(ctx context.Context, c *Config, v url.Values) (*Token, error) {
 	tk, err := internal.RetrieveToken(ctx, c.ClientID, c.ClientSecret, c.Endpoint.TokenURL, v, internal.AuthStyle(c.Endpoint.AuthStyle))
 	if err != nil {
 		if rErr, ok := err.(*internal.RetrieveError); ok {
 			return nil, (*RetrieveError)(rErr)
 		}
 		return nil, err
 	}
 	return tokenFromInternal(tk), nil
 }

 // RetrieveError is the error returned when the token endpoint returns a
 // non-2XX HTTP status code.
 type RetrieveError struct {
 	Response *http.Response
 	// Body is the body that was consumed by reading Response.Body.
 	// It may be truncated.
 	Body []byte
 }

 func (r *RetrieveError) Error() string {
 	return fmt.Sprintf("oauth2: cannot fetch token: %v\nResponse: %s", r.Response.Status, r.Body)
 }
	// Copyright 2014 The Go Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style
	// license that can be found in the LICENSE file.

	package oauth2

	import (
	"context"
	"fmt"
	"net/http"
	"net/url"
	"strconv"
	"strings"
	"time"

	"golang.org/x/oauth2/internal"
	)

	// expiryDelta determines how earlier a token should be considered
	// expired than its actual expiration time. It is used to avoid late
	// expirations due to client-server time mismatches.
	const expiryDelta = 10 * time.Second

	// Token represents the credentials used to authorize
	// the requests to access protected resources on the OAuth 2.0
	// provider's backend.
	//
	// Most users of this package should not access fields of Token
	// directly. They're exported mostly for use by related packages
	// implementing derivative OAuth2 flows.
	type Token struct {
	// AccessToken is the token that authorizes and authenticates
	// the requests.
	AccessToken string `json:"access_token"`

	// TokenType is the type of token.
	// The Type method returns either this or "Bearer", the default.
	TokenType string `json:"token_type,omitempty"`

	// RefreshToken is a token that's used by the application
	// (as opposed to the user) to refresh the access token
	// if it expires.
	RefreshToken string `json:"refresh_token,omitempty"`

	// Expiry is the optional expiration time of the access token.
	//
	// If zero, TokenSource implementations will reuse the same
	// token forever and RefreshToken or equivalent
	// mechanisms for that TokenSource will not be used.
	Expiry time.Time `json:"expiry,omitempty"`

	// raw optionally contains extra metadata from the server
	// when updating a token.
	raw interface{}
	}

	// Type returns t.TokenType if non-empty, else "Bearer".
	func (t *Token) Type() string {
	if strings.EqualFold(t.TokenType, "bearer") {
	return "Bearer"
	}
	if strings.EqualFold(t.TokenType, "mac") {
	return "MAC"
	}
	if strings.EqualFold(t.TokenType, "basic") {
	return "Basic"
	}
	if t.TokenType != "" {
	return t.TokenType
	}
	return "Bearer"
	}

	// SetAuthHeader sets the Authorization header to r using the access
	// token in t.
	//
	// This method is unnecessary when using Transport or an HTTP Client
	// returned by this package.
	func (t Token) SetAuthHeader(r http.Request) {
	r.Header.Set("Authorization", t.Type()+" "+t.AccessToken)
	}

	// WithExtra returns a new Token that's a clone of t, but using the
	// provided raw extra map. This is only intended for use by packages
	// implementing derivative OAuth2 flows.
	func (t Token) WithExtra(extra interface{}) Token {
	t2 := new(Token)
	t2 = t
	t2.raw = extra
	return t2
	}

	// Extra returns an extra field.
	// Extra fields are key-value pairs returned by the server as a
	// part of the token retrieval response.
	func (t *Token) Extra(key string) interface{} {
	if raw, ok := t.raw.(map[string]interface{}); ok {
	return raw[key]
	}

	vals, ok := t.raw.(url.Values)
	if !ok {
	return nil
	}

	v := vals.Get(key)
	switch s := strings.TrimSpace(v); strings.Count(s, ".") {
	case 0: // Contains no "."; try to parse as int
	if i, err := strconv.ParseInt(s, 10, 64); err == nil {
	return i
	}
	case 1: // Contains a single "."; try to parse as float
	if f, err := strconv.ParseFloat(s, 64); err == nil {
	return f
	}
	}

	return v
	}

	// timeNow is time.Now but pulled out as a variable for tests.
	var timeNow = time.Now

	// expired reports whether the token is expired.
	// t must be non-nil.
	func (t *Token) expired() bool {
	if t.Expiry.IsZero() {
	return false
	}
	return t.Expiry.Round(0).Add(-expiryDelta).Before(timeNow())
	}

	// Valid reports whether t is non-nil, has an AccessToken, and is not expired.
	func (t *Token) Valid() bool {
	return t != nil && t.AccessToken != "" && !t.expired()
	}

	// tokenFromInternal maps an *internal.Token struct into
	// a *Token struct.
	func tokenFromInternal(t internal.Token) Token {
	if t == nil {
	return nil
	}
	return &Token{
	AccessToken: t.AccessToken,
	TokenType: t.TokenType,
	RefreshToken: t.RefreshToken,
	Expiry: t.Expiry,
	raw: t.Raw,
	}
	}

	// retrieveToken takes a Config and uses that to retrieve an internal.Token.
	// This token is then mapped from internal.Token into an oauth2.Token which is returned along
	// with an error..
	func retrieveToken(ctx context.Context, c Config, v url.Values) (Token, error) {
	tk, err := internal.RetrieveToken(ctx, c.ClientID, c.ClientSecret, c.Endpoint.TokenURL, v, internal.AuthStyle(c.Endpoint.AuthStyle))
	if err != nil {
	if rErr, ok := err.(*internal.RetrieveError); ok {
	return nil, (*RetrieveError)(rErr)
	}
	return nil, err
	}
	return tokenFromInternal(tk), nil
	}

	// RetrieveError is the error returned when the token endpoint returns a
	// non-2XX HTTP status code.
	type RetrieveError struct {
	Response *http.Response
	// Body is the body that was consumed by reading Response.Body.
	// It may be truncated.
	Body []byte
	}

	func (r *RetrieveError) Error() string {
	return fmt.Sprintf("oauth2: cannot fetch token: %v\nResponse: %s", r.Response.Status, r.Body)
	}