GithubHelp home page GithubHelp logo

isabella232 / osin-storage Goto Github PK

View Code? Open in Web Editor NEW

This project forked from ory/osin-storage

0.0 0.0 0.0 504 KB

PostgreSQL storage backend for RangelReale osin OAuth2

Home Page: https://ory.am

License: Apache License 2.0

Shell 5.59% Go 94.41%

osin-storage's Introduction

osin-storage

Build Status Coverage Status

A postgres storage backend for osin oauth2. Additional to implementing the osin.Storage interface, the github.com/ory/osin-storage/storage.Storage interface defines new methods:

This repository is now stable. If your build fails, try running with godep. An API Documentation is available here and here.

// CreateClient stores the client in the database and returns an error, if something went wrong
CreateClient(client osin.Client) error

// UpdateClient updates the client (identified by it's id) and replaces the values with the values of client.
// Returns an error if something went wrong.
UpdateClient(client osin.Client) error

// RemoveClient removes a client (identified by id) from the database. Returns an error if something went wrong.
RemoveClient(id string) error

Encrypt your tokens

Unfortunately, the osin library offers little capabilities for storing credentials like access or refresh tokens in a hashed or encrypted way. An attacker could gain access to your database through various attack vectors, steal these tokens and gain, for example, administrative access to your application.

Please be aware, that this library stores all data as-is and does not perform any sort of encryption or hashing.

Usage

First, install this library with go get "github.com/ory/osin-storage/storage/postgres".

import (
	"database/sql"
	_ "github.com/lib/pq"

	"github.com/ory/osin-storage/storage/postgres"
	"github.com/RangelReale/osin"
)

func main() {
    // url := "postgres://my-postgres-url/database"
	db, err = sql.Open("postgres", url)
    if err != nil {
        return nil, err
    }

    store := postgres.New(db)
    server := osin.NewServer(osin.NewServerConfig(), store)

    // See the osin documentation for more information
    // e.g.: server.HandleAuthorizeRequest(resp, r)
}

Limitations

TL;DR AuthorizeData's Client's and AccessData's UserData field must be string due to language restrictions or an error will be thrown.

In osin, Client, AuthorizeData and AccessData have a UserData property of type interface{}. This does not work well with SQL, because it is not possible to gob decode or unmarshall the data back, since the concrete type is not known. Because osin's storage interface does not support setting the UserData type, this library tries to convert UserData to string and return it as such. With this, you could for example gob encode (use e.g. base64 encode for SQL storage type compatibility) the data before passing it to e.g. FinishAccessRequest and decode it when needed.

osin-storage's People

Contributors

leetal avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.