mirror of https://github.com/veypi/OneAuth.git
package model
import (
"time"
)
// OAuthClient is the persisted record of a registered OAuth client
// application. It embeds Base (declared elsewhere in this package).
type OAuthClient struct {
	Base

	// Name and Description are display metadata for the client.
	Name        string `json:"name" gorm:"size:50;not null"`
	Description string `json:"description" gorm:"size:200"`

	// ClientID is the client identifier; its column carries a unique index.
	ClientID string `json:"client_id" gorm:"uniqueIndex;size:32;not null"`

	// ClientSecret is kept out of JSON output by the "-" tag.
	// NOTE(review): this file does not show whether the column holds the raw
	// secret or a hash of it; confirm that only a hash is stored and that
	// verification uses a constant-time comparison.
	ClientSecret string `json:"-" gorm:"size:64;not null"`

	// RedirectURIs holds the registered redirect URIs, comma-separated.
	// NOTE(review): the matching logic is not in this file; confirm that an
	// incoming redirect_uri is compared by exact string match against these
	// entries rather than by prefix or pattern.
	RedirectURIs string `json:"redirect_uris" gorm:"type:text"`

	// GrantTypes lists the grant types the client may use, e.g.
	// authorization_code/refresh_token/client_credentials.
	GrantTypes string `json:"grant_types" gorm:"size:100"`

	// ResponseTypes lists the response types the client may request, e.g.
	// code/token.
	ResponseTypes string `json:"response_types" gorm:"size:50"`

	// AllowedScopes lists the scopes the client may request, e.g.
	// "openid profile email org roles".
	AllowedScopes string `json:"allowed_scopes" gorm:"size:200"`

	// TokenExpiry is the access_token lifetime in seconds (column default 3600).
	TokenExpiry int `json:"token_expiry" gorm:"default:3600"`

	// RefreshExpiry has a column default of 2592000.
	// NOTE(review): presumably the refresh token lifetime in seconds, like
	// TokenExpiry (2592000 s = 30 days) — confirm against the issuing code.
	RefreshExpiry int `json:"refresh_expiry" gorm:"default:2592000"`

	// OwnerID and OrgID tie the client to its owner and organisation; only
	// OrgID is indexed.
	OwnerID string `json:"owner_id" gorm:"not null"`
	OrgID   string `json:"org_id" gorm:"index"`

	// Status has a column default of 1; the meaning of each value is not
	// defined in this file.
	Status int `json:"status" gorm:"default:1"`
}
// TableName reports the database table that stores OAuthClient rows.
// The struct carries gorm tags, so this is presumably the hook GORM uses to
// override its default table name.
func (OAuthClient) TableName() string {
	const table = "oauth_clients"
	return table
}
// OAuthAuthorization is the persisted record of an issued authorization
// code. It embeds Base (declared elsewhere in this package).
type OAuthAuthorization struct {
	Base

	// UserID, ClientID and OrgID identify who the code was issued for; each
	// column is indexed.
	UserID   string `json:"user_id" gorm:"index;not null"`
	ClientID string `json:"client_id" gorm:"index;not null"`
	OrgID    string `json:"org_id" gorm:"index"`

	// Code is the authorization code value; its column carries a unique index.
	// NOTE(review): unlike the token fields in this package, Code is included
	// in JSON output (`json:"code"`). Confirm this struct is never serialised
	// into a response or log where the code should not appear, and whether
	// the column holds the raw code or a hash of it.
	Code string `json:"code" gorm:"uniqueIndex;size:64"`

	// Scope and State are stored alongside the code.
	Scope string `json:"scope" gorm:"size:200"`
	State string `json:"state" gorm:"size:100"`

	// RedirectURI is the redirect URI recorded with the code.
	// NOTE(review): presumably compared with the redirect_uri sent to the
	// token endpoint — confirm the check exists where the code is redeemed.
	RedirectURI string `json:"redirect_uri" gorm:"size:500"`

	// CodeChallenge and CodeChallengeMethod are named after the PKCE
	// parameters (RFC 7636) and are kept out of JSON output.
	// NOTE(review): enforcement is not visible here; confirm the verifier is
	// checked on redemption and which methods are accepted.
	CodeChallenge       string `json:"-" gorm:"size:128"`
	CodeChallengeMethod string `json:"-" gorm:"size:10"`

	// Used and UsedAt record redemption; ExpiresAt records the expiry time.
	// NOTE(review): confirm that redemption checks and sets Used atomically,
	// so one code cannot be exchanged twice.
	Used      bool       `json:"used" gorm:"default:false"`
	UsedAt    *time.Time `json:"used_at"`
	ExpiresAt time.Time  `json:"expires_at"`
}
// TableName reports the database table that stores OAuthAuthorization rows.
// The struct carries gorm tags, so this is presumably the hook GORM uses to
// override its default table name.
func (OAuthAuthorization) TableName() string {
	const table = "oauth_authorizations"
	return table
}
// OAuthToken is the persisted record of an issued OAuth access token and
// its refresh token. It embeds Base (declared elsewhere in this package).
type OAuthToken struct {
	Base

	// UserID, ClientID and OrgID identify who the token was issued for; each
	// column is indexed.
	UserID   string `json:"user_id" gorm:"index;not null"`
	ClientID string `json:"client_id" gorm:"index;not null"`
	OrgID    string `json:"org_id" gorm:"index"`

	// AccessToken and RefreshToken are kept out of JSON output by the "-"
	// tag, and each column carries a unique index.
	// NOTE(review): this file does not show whether the columns hold raw
	// token values or hashes; storing only a hash limits what a database
	// read exposes — confirm against the issuing code.
	AccessToken  string `json:"-" gorm:"uniqueIndex;size:64"`
	RefreshToken string `json:"-" gorm:"uniqueIndex;size:64"`

	// TokenType has a column default of Bearer.
	TokenType string `json:"token_type" gorm:"size:10;default:Bearer"`

	// Scope is the scope string stored with the token.
	Scope string `json:"scope" gorm:"size:200"`

	// ExpiresAt records the expiry time; Revoked and RevokedAt record
	// revocation.
	// NOTE(review): only one expiry is stored for the access/refresh pair;
	// confirm how refresh token expiry is tracked and that validation checks
	// both ExpiresAt and Revoked.
	ExpiresAt time.Time  `json:"expires_at"`
	Revoked   bool       `json:"revoked" gorm:"default:false"`
	RevokedAt *time.Time `json:"revoked_at"`
}
// TableName reports the database table that stores OAuthToken rows.
// The struct carries gorm tags, so this is presumably the hook GORM uses to
// override its default table name.
func (OAuthToken) TableName() string {
	const table = "oauth_tokens"
	return table
}
// String values of the OAuth 2.0 grant types known to this package.
const (
	GrantTypeAuthorizationCode = "authorization_code"
	GrantTypeRefreshToken      = "refresh_token"
	GrantTypeClientCredentials = "client_credentials"

	// GrantTypePassword is the value of the resource owner password
	// credentials grant.
	// NOTE(review): the OAuth 2.0 Security Best Current Practice (RFC 9700)
	// says this grant must not be used; confirm whether any client is
	// allowed to enable it and whether it can be switched off.
	GrantTypePassword = "password"
)
// String values of the OAuth 2.0 response types known to this package.
const (
	// ResponseTypeCode is the value used by the authorization code flow.
	ResponseTypeCode = "code"

	// ResponseTypeToken is the value used by the implicit flow, which returns
	// the access token directly in the authorization response.
	// NOTE(review): RFC 9700 advises against the implicit flow; confirm
	// whether clients can actually register this response type.
	ResponseTypeToken = "token"
)
// String values of the scopes known to this package.
const (
	ScopeOpenID  = "openid"
	ScopeProfile = "profile"
	ScopeEmail   = "email"
	ScopePhone   = "phone"
	ScopeOrg     = "org"
	ScopeRoles   = "roles"

	// ScopeOffline is "offline_access", the OpenID Connect scope name for
	// requesting a refresh token. How this package handles it is not visible
	// in this file.
	ScopeOffline = "offline_access"
)