OptimusX
/
OneAuth
mirror of https://github.com/veypi/OneAuth.git
4
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
v3
master
v2
v1.0.0
v0.1.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f188882c0c'
${ noResults }
OneAuth/oauth/constants.go

160 lines
4.4 KiB
Go
Raw Blame History

//
// Copyright (C) 2024 veypi <i@veypi.com>
// 2025-07-24 15:27:31
// Distributed under terms of the MIT license.
//
package oauth
import "time"
// OAuth 2.0 相关常量
const (
// Grant Types
GrantTypeAuthorizationCode = "authorization_code"
GrantTypeRefreshToken = "refresh_token"
GrantTypeClientCredentials = "client_credentials"
GrantTypePassword = "password"
GrantTypeImplicit = "implicit"
// Response Types
ResponseTypeCode = "code"
ResponseTypeToken = "token"
// Token Types
TokenTypeBearer = "Bearer"
// PKCE Challenge Methods
CodeChallengeMethodPlain = "plain"
CodeChallengeMethodS256 = "S256"
// Default Scopes
ScopeRead = "read"
ScopeWrite = "write"
ScopeProfile = "profile"
ScopeEmail = "email"
ScopePhone = "phone"
ScopeAdmin = "admin"
// Token 生存时间
DefaultAuthorizationCodeExpiry = 10 * time.Minute // 授权码10分钟过期
DefaultAccessTokenExpiry = 1 * time.Hour // 访问令牌1小时过期
DefaultRefreshTokenExpiry = 30 * 24 * time.Hour // 刷新令牌30天过期
DefaultSessionExpiry = 24 * time.Hour // 会话24小时过期
// Error Codes (RFC 6749)
ErrorInvalidRequest = "invalid_request"
ErrorInvalidClient = "invalid_client"
ErrorInvalidGrant = "invalid_grant"
ErrorUnauthorizedClient = "unauthorized_client"
ErrorUnsupportedGrantType = "unsupported_grant_type"
ErrorInvalidScope = "invalid_scope"
ErrorAccessDenied = "access_denied"
ErrorUnsupportedResponseType = "unsupported_response_type"
ErrorServerError = "server_error"
ErrorTemporarilyUnavailable = "temporarily_unavailable"
// PKCE Error Codes (RFC 7636)
ErrorInvalidGrant2 = "invalid_grant"
// Token 类型
UserTokenTypeAPI = "api" // API 令牌
UserTokenTypeSession = "session" // 会话令牌
UserTokenTypePersonal = "personal" // 个人访问令牌
)
// 默认作用域定义
var DefaultScopes = []struct {
Name string
DisplayName string
Description string
IsDefault bool
IsSystem bool
}{
{
Name: ScopeProfile,
DisplayName: "基本资料",
Description: "访问您的基本资料信息,如用户名、昵称等",
IsDefault: true,
IsSystem: true,
},
{
Name: ScopeEmail,
DisplayName: "邮箱地址",
Description: "访问您的邮箱地址",
IsDefault: false,
IsSystem: true,
},
{
Name: ScopePhone,
DisplayName: "手机号码",
Description: "访问您的手机号码",
IsDefault: false,
IsSystem: true,
},
{
Name: ScopeRead,
DisplayName: "读取权限",
Description: "读取您的数据",
IsDefault: true,
IsSystem: false,
},
{
Name: ScopeWrite,
DisplayName: "写入权限",
Description: "修改您的数据",
IsDefault: false,
IsSystem: false,
},
{
Name: ScopeAdmin,
DisplayName: "管理员权限",
Description: "完全的管理员权限",
IsDefault: false,
IsSystem: true,
},
}
// 预定义的第三方OAuth提供商
var DefaultOAuthProviders = []struct {
Name string
DisplayName string
AuthURL string
TokenURL string
UserInfoURL string
Scope string
}{
{
Name: "github",
DisplayName: "GitHub",
AuthURL: "https://github.com/login/oauth/authorize",
TokenURL: "https://github.com/login/oauth/access_token",
UserInfoURL: "https://api.github.com/user",
Scope: "user:email",
},
{
Name: "google",
DisplayName: "Google",
AuthURL: "https://accounts.google.com/o/oauth2/v2/auth",
TokenURL: "https://oauth2.googleapis.com/token",
UserInfoURL: "https://www.googleapis.com/oauth2/v2/userinfo",
Scope: "openid profile email",
},
{
Name: "wechat",
DisplayName: "微信",
AuthURL: "https://open.weixin.qq.com/connect/oauth2/authorize",
TokenURL: "https://api.weixin.qq.com/sns/oauth2/access_token",
UserInfoURL: "https://api.weixin.qq.com/sns/userinfo",
Scope: "snsapi_userinfo",
},
{
Name: "dingtalk",
DisplayName: "钉钉",
AuthURL: "https://oapi.dingtalk.com/connect/oauth2/sns_authorize",
TokenURL: "https://oapi.dingtalk.com/sns/gettoken",
UserInfoURL: "https://oapi.dingtalk.com/sns/getuserinfo",
Scope: "snsapi_login",
},
}
Reference in New Issue View Git Blame Copy Permalink