syniol/golang-oauth2

OAuth 2.1 Password Grant Type in Golang

An implementation of the standard OAuth 2.1 Password Grant type in Golang, built on its native HTTP server.

Healthcheck API

GET /oauth2/healthz HTTP/1.1
Host: 127.0.0.1
Content-Type: text/plain

Request:

curl -k --location --request GET 'https://127.0.0.1/healthz'

Response: status code 200 (OK) with the simple body ok, indicating that the API is working and operational.

ok

Clients API

The Clients endpoint creates a new client/user and inserts it into the database.

POST /oauth2/clients HTTP/1.1
Host: 127.0.0.1
Content-Type: application/json

Request:

curl -k --location --request POST 'https://127.0.0.1/oauth2/clients' \
--header 'Content-Type: application/json' \
--data-raw '{
    "username": "johndoe",
    "password": "johnspassword1"
}'

Response:

{
  "client_id": "a9a6b145-fafe-415c-a92e-c79cbd57567d"
}

Token API

After client registration, you can create a token by sending a POST request to this endpoint.

POST /oauth2/token HTTP/1.1
Host: 127.0.0.1
Content-Type: application/x-www-form-urlencoded

Request:

curl -k --location --request POST 'https://127.0.0.1/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'username=johndoe' \
--data-urlencode 'password=johnspassword1'

Response:

{
  "access_token": "MmVjZGFiNmY4Y2E2OTQ1ZWNmMGYz...FkMDM=",
  "token_type": "Bearer",
  "expires_in": 3600
}
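The token exchange above as a minimal in-process handler, with the JSON error bodies that RFC 6749 section 5.2 defines for a token endpoint. This is an added example, not code from this repository: `verify`, `tokenHandler` and `tryGrant` are hypothetical names, and the credentials are the constructed sample values from the requests above.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

func verify(user, pass string) bool { // hypothetical stand-in for a password-hash lookup
	return subtle.ConstantTimeCompare([]byte(user+"\x00"+pass), []byte("johndoe\x00johnspassword1")) == 1
}

func reply(w http.ResponseWriter, status int, body map[string]any) {
	w.Header().Set("Content-Type", "application/json")
	w.Header().Set("Cache-Control", "no-store") // RFC 6749 section 5.1: token responses are not cached
	w.WriteHeader(status)
	json.NewEncoder(w).Encode(body)
}

// tokenHandler takes credentials from the POST body only: PostForm excludes the query string.
func tokenHandler(w http.ResponseWriter, r *http.Request) {
	raw := make([]byte, 32) // 256 bits from the OS CSPRNG become the opaque bearer token
	switch _, err := rand.Read(raw); {
	case err != nil:
		http.Error(w, "internal error", http.StatusInternalServerError)
	case r.Method != http.MethodPost || r.ParseForm() != nil:
		reply(w, 400, map[string]any{"error": "invalid_request"})
	case r.PostForm.Get("grant_type") != "password":
		reply(w, 400, map[string]any{"error": "unsupported_grant_type"})
	case !verify(r.PostForm.Get("username"), r.PostForm.Get("password")):
		reply(w, 400, map[string]any{"error": "invalid_grant"}) // same reply for unknown user and bad password
	default:
		reply(w, 200, map[string]any{"access_token": base64.RawURLEncoding.EncodeToString(raw), "token_type": "Bearer", "expires_in": 3600})
	}
}

func tryGrant(formBody string) (status int, body, cacheControl string) { // in-process request
	req := httptest.NewRequest(http.MethodPost, "/oauth2/token", strings.NewReader(formBody))
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	rec := httptest.NewRecorder()
	tokenHandler(rec, req)
	return rec.Code, rec.Body.String(), rec.Header().Get("Cache-Control")
}

func main() { fmt.Println(tryGrant("grant_type=password&username=johndoe&password=johnspassword1")) }
```
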

Up & Running

A few commands are available; run make to explore the options, which should print a glossary of the available commands. For example, to deploy the service, run:

  make deploy

Debug

To run the debugger, create a run configuration in your IDE and enable the DEBUG environment variable in your local environment. You will need the database and cache storage from Docker; you can start them with:

  make debug

Todos

  • Add more documentation about this repository and the RFC standard for OAuth 2.1, especially for password_grant
  • Convert HTTP error responses to JSON error responses: errors: []
  • Investigate possibility of volume share for Redis & Go (app) to share TLS certs
  • Separate the Docker network for proxy and app to exclude Database (Postgres) & Cache (Redis)
  • Increase code coverage

Credits

Author: Hadi Tajallaei

Copyright © 2023-2025 Syniol Limited. All rights reserved.

Please see the LICENSE file.