package main
import (
	"context"
	"errors"
	"fmt"
	"net/http"
	"os"
	"os/exec"
	"os/signal"
	"sync"
	"time"

	"github.com/ory/fosite-example/authorizationserver"
	"github.com/ory/fosite-example/oauth2client"
	"github.com/ory/fosite-example/resourceserver"
	log "github.com/sirupsen/logrus"
	goauth "golang.org/x/oauth2"
	"golang.org/x/oauth2/clientcredentials"
)
// clientConf is a valid oauth2 client (check the store) that additionally
// requests an OpenID Connect id token through the "openid" scope.
//
// NOTE(review): ClientID and ClientSecret are hard-coded example values and
// every URL below is plain http, so the secret, authorization codes and tokens
// are sent unencrypted. That is acceptable only for a local demo; a deployed
// client should read its secret from the environment or a secret store and
// use https endpoints.
//
// The URLs pin port 3846. main lets PORT override the listen port, but that
// override does not change these values, so a non-default PORT leaves the
// redirect and endpoint URLs pointing at 3846.
var clientConf = goauth.Config{
	ClientID: "my-client",
	// Example secret; presumably has to match the client seeded in the store.
	ClientSecret: "foobar",
	// Path matches the "/callback" handler registered in main.
	RedirectURL: "http://localhost:3846/callback",
	Scopes:      []string{"photos", "openid", "offline"},
	Endpoint: goauth.Endpoint{
		TokenURL: "http://localhost:3846/oauth2/token",
		AuthURL:  "http://localhost:3846/oauth2/auth",
	},
}
// appClientConf is the same valid oauth2 client, configured for the client
// credentials grant. main passes it to the "/client" and "/protected"
// handlers.
//
// NOTE(review): it reuses the hard-coded example ClientID/ClientSecret and a
// plain-http token URL on the fixed port 3846; treat it as demo-only
// configuration and keep real secrets out of source.
var appClientConf = clientcredentials.Config{
	ClientID: "my-client",
	// Example secret; presumably has to match the client seeded in the store.
	ClientSecret: "foobar",
	Scopes:       []string{"fosite"},
	TokenURL:     "http://localhost:3846/oauth2/token",
}
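// main wires the example authorization server, the oauth2 client handlers and
// the protected resource into one HTTP server, serves them on PORT (default
// 3846) and shuts the server down on SIGINT or when the listener fails.
func main() {
	const (
		// readHeaderTimeout bounds how long a client may take to send its
		// request headers, so slow or idle connections cannot hold server
		// resources indefinitely.
		readHeaderTimeout = 10 * time.Second
		// shutdownTimeout bounds the graceful shutdown; without it Shutdown
		// waits for in-flight connections with no upper limit.
		shutdownTimeout = 10 * time.Second
	)

	// configure HTTP server.
	// PORT is used verbatim in the listen address and in the URL handed to
	// the browser launcher below, so it is expected to be a bare port number.
	port := "3846"
	if p := os.Getenv("PORT"); p != "" {
		port = p
	}
	srv := &http.Server{
		// NOTE(review): ":"+port listens on every interface. The clients
		// above use a hard-coded example secret, so keep this demo off
		// untrusted networks.
		Addr:              ":" + port,
		ReadHeaderTimeout: readHeaderTimeout,
	}

	// ### oauth2 storage ###
	defer authorizationserver.TeardownMongo()

	// ### oauth2 server ###
	// srv has no Handler, so it serves http.DefaultServeMux, which is where
	// the http.HandleFunc calls below register; RegisterHandlers presumably
	// does the same.
	authorizationserver.RegisterHandlers() // the authorization server (fosite)

	// ### oauth2 client ###
	http.HandleFunc("/", oauth2client.HomeHandler(clientConf)) // show some links on the index

	// the following handlers are oauth2 consumers
	http.HandleFunc("/client", oauth2client.ClientEndpoint(appClientConf)) // complete a client credentials flow
	http.HandleFunc("/owner", oauth2client.OwnerHandler(clientConf))       // complete a resource owner password credentials flow
	http.HandleFunc("/callback", oauth2client.CallbackHandler(clientConf)) // the oauth2 callback endpoint

	// ### protected resource ###
	http.HandleFunc("/protected", resourceserver.ProtectedEndpoint(appClientConf))

	fmt.Println("Please open your webbrowser at http://localhost:" + port)
	// Best-effort convenience: the error is ignored on purpose because the
	// "open" command may be missing on this platform. exec.Command runs the
	// binary directly, without a shell.
	_ = exec.Command("open", "http://localhost:"+port).Run()

	// failed is closed when the listener stops for any reason other than a
	// requested shutdown, so main does not wait for a signal forever after
	// a failed start (for example when the port is already in use).
	failed := make(chan struct{})

	var wg sync.WaitGroup
	wg.Add(1)
	go func() {
		defer wg.Done()
		if err := srv.ListenAndServe(); !errors.Is(err, http.ErrServerClosed) {
			// unexpected error
			log.WithError(err).Error("error starting http server!")
			close(failed)
		}
	}()

	// Set up signal capturing to know when the server is being killed..
	// Only SIGINT is captured; any other terminating signal ends the process
	// without running the shutdown below or the deferred storage teardown.
	stop := make(chan os.Signal, 1)
	signal.Notify(stop, os.Interrupt)

	// Wait for SIGINT (pkill -2) or for the listener to fail.
	select {
	case <-stop:
	case <-failed:
	}

	// Gracefully shutdown the HTTP server..
	log.Info("shutting down server...")
	ctx, cancel := context.WithTimeout(context.Background(), shutdownTimeout)
	defer cancel()
	if err := srv.Shutdown(ctx); err != nil {
		// failure/timeout shutting down the server gracefully
		log.WithError(err).Error("error gracefully shutting down http server")
	}

	// wait for graceful shutdown..
	wg.Wait()
	// A requested stop is not an error, so log it at info level.
	log.Info("server stopped!")
}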