BearerAuth function changed to AccessTokenResolveHandler

BearerAuth function changed to AccessTokenResolveHandler

removed unused dep

setter

Author: Azridum

server/handler.go

@@ -3,6 +3,7 @@ package server
 import (
 	"context"
 	"net/http"
+	"strings"
 	"time"
 
 	"github.com/go-oauth2/oauth2/v4"
@@ -54,6 +55,9 @@ type (
 
 	// Handler to fetch the refresh token from the request
 	RefreshTokenResolveHandler func(r *http.Request) (string, error)
+
+	// Handler to fetch the access token from the request
+	AccessTokenResolveHandler func(r *http.Request) (string, bool)
 )
 
 // ClientFormHandler get client data from form
@@ -92,3 +96,26 @@ func RefreshTokenCookieResolveHandler(r *http.Request) (string, error) {
 
 	return c.Value, nil
 }
+
+func AccessTokenDefaultResolveHandler(r *http.Request) (string, bool) {
+	token := ""
+	auth := r.Header.Get("Authorization")
+	prefix := "Bearer "
+
+	if auth != "" && strings.HasPrefix(auth, prefix) {
+		token = auth[len(prefix):]
+	} else {
+		token = r.FormValue("access_token")
+	}
+
+	return token, token != ""
+}
+
+func AccessTokenCookieResolveHandler(r *http.Request) (string, bool) {
+	c, err := r.Cookie("access_token")
+	if err != nil {
+		return "", false
+	}
+
+	return c.Value, true
+}

server/handler_test.go

@@ -62,3 +62,60 @@ func TestRefreshTokenCookieResolveHandler(t *testing.T) {
 		So(token, ShouldBeEmpty)
 	})
 }
+
+func TestAccessTokenDefaultHandler(t *testing.T) {
+	Convey("Request Has Header", t, func() {
+		r := httptest.NewRequest(http.MethodPost, "/", nil)
+		r.Header.Add("Authorization", "Bearer test_token")
+
+		token, ok := AccessTokenDefaultResolveHandler(r)
+		So(ok, ShouldBeTrue)
+		So(token, ShouldEqual, "test_token")
+	})
+
+	Convey("Request Has FormValue", t, func() {
+		f := url.Values{}
+		f.Add("access_token", "test_token")
+		r := httptest.NewRequest(http.MethodPost, "/", strings.NewReader(f.Encode()))
+		r.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+
+		token, ok := AccessTokenDefaultResolveHandler(r)
+		So(ok, ShouldBeTrue)
+		So(token, ShouldEqual, "test_token")
+	})
+
+	Convey("Request Has Nothing", t, func() {
+		r := httptest.NewRequest(http.MethodPost, "/", nil)
+
+		token, ok := AccessTokenDefaultResolveHandler(r)
+		So(ok, ShouldBeFalse)
+		So(token, ShouldBeEmpty)
+	})
+}
+
+func TestAccessTokenCookieHandler(t *testing.T) {
+	Convey("Request Has Cookie", t, func() {
+		r := httptest.NewRequest(http.MethodPost, "/", nil)
+		r.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+		r.AddCookie(&http.Cookie{
+			Name:     "access_token",
+			Value:    "test_token",
+			HttpOnly: true,
+			Path:     "/",
+			Domain:   ".example.com",
+			Expires:  time.Now().Add(time.Hour),
+		})
+
+		token, ok := AccessTokenCookieResolveHandler(r)
+		So(ok, ShouldBeTrue)
+		So(token, ShouldEqual, "test_token")
+	})
+
+	Convey("Request Has No Cookie", t, func() {
+		r := httptest.NewRequest(http.MethodPost, "/", nil)
+
+		token, ok := AccessTokenCookieResolveHandler(r)
+		So(ok, ShouldBeFalse)
+		So(token, ShouldBeEmpty)
+	})
+}

server/server.go

@@ -6,7 +6,6 @@ import (
 	"fmt"
 	"net/http"
 	"net/url"
-	"strings"
 	"time"
 
 	"github.com/go-oauth2/oauth2/v4"
@@ -28,6 +27,7 @@ func NewServer(cfg *Config, manager oauth2.Manager) *Server {
 	// default handlers
 	srv.ClientInfoHandler = ClientBasicHandler
 	srv.RefreshTokenResolveHandler = RefreshTokenFormResolveHandler
+	srv.AccessTokenResolveHandler = AccessTokenDefaultResolveHandler
 
 	srv.UserAuthorizationHandler = func(w http.ResponseWriter, r *http.Request) (string, error) {
 		return "", errors.ErrAccessDenied
@@ -58,6 +58,7 @@ type Server struct {
 	AuthorizeScopeHandler        AuthorizeScopeHandler
 	ResponseTokenHandler         ResponseTokenHandler
 	RefreshTokenResolveHandler   RefreshTokenResolveHandler
+	AccessTokenResolveHandler    AccessTokenResolveHandler
 }
 
 func (s *Server) handleError(w http.ResponseWriter, req *AuthorizeRequest, err error) error {
@@ -571,27 +572,12 @@ func (s *Server) GetErrorData(err error) (map[string]interface{}, int, http.Head
 	return data, statusCode, re.Header
 }
 
-// BearerAuth parse bearer token
-func (s *Server) BearerAuth(r *http.Request) (string, bool) {
-	auth := r.Header.Get("Authorization")
-	prefix := "Bearer "
-	token := ""
-
-	if auth != "" && strings.HasPrefix(auth, prefix) {
-		token = auth[len(prefix):]
-	} else {
-		token = r.FormValue("access_token")
-	}
-
-	return token, token != ""
-}
-
 // ValidationBearerToken validation the bearer tokens
 // https://tools.ietf.org/html/rfc6750
 func (s *Server) ValidationBearerToken(r *http.Request) (oauth2.TokenInfo, error) {
 	ctx := r.Context()
 
-	accessToken, ok := s.BearerAuth(r)
+	accessToken, ok := s.AccessTokenResolveHandler(r)
 	if !ok {
 		return nil, errors.ErrInvalidAccessToken
 	}

server/server_config.go

@@ -93,3 +93,13 @@ func (s *Server) SetAuthorizeScopeHandler(handler AuthorizeScopeHandler) {
 func (s *Server) SetResponseTokenHandler(handler ResponseTokenHandler) {
 	s.ResponseTokenHandler = handler
 }
+
+// SetRefreshTokenResolveHandler refresh token resolver
+func (s *Server) SetRefreshTokenResolveHandler(handler RefreshTokenResolveHandler) {
+	s.RefreshTokenResolveHandler = handler
+}
+
+// SetAccessTokenResolveHandler access token resolver
+func (s *Server) SetAccessTokenResolveHandler(handler AccessTokenResolveHandler) {
+	s.AccessTokenResolveHandler = handler
+}