It Made My Day

Actually, my whole life is just one big yak shaving exercise.

"OAuth 2 in Action" Sample Code in Go

Motivation

As I have recently been developing an authorization server, I read "OAuth 2 in Action" to acquire the prerequisite knowledge. The sample code was written in JavaScript and Express, but since I had never seen it translated into Go, I rewrote it myself as a study exercise.

I first read summary articles in order to understand OAuth without spending much time, but that immediately turned out to be the wrong approach. The book "OAuth 2 in Action" takes much more time to read, but I felt it was perfect for a first study because it comprehensively covers everything from concepts to implementation, security issues, and recent trends. OAuth is a mechanism that requires developers to implement complex details, and knowing the superficial flow is not enough to implement an authorization server.

MVP implementation of the authorization code flow according to OAuth 2.0, in Go

You can find the sample code in my GitHub repository.

The original source code used Express as the framework and libraries like lodash. As I wrote in the README of the GitHub repository, I also adopted a popular library.

The current progress covers the authorization code flow, assuming a Web application only. In other words, up to Chapter 3. However, since it is basically not recommended to adopt patterns other than the authorization code flow, I decided to disclose it now.

The contents I want to implement in the future are as follows:

  • Implementation when using JWT token
    • Token Revocation
  • Dynamic client registration
  • Authentication using OAuth
  • Implementation when using PoP token

Hope my attempt will be helpful to someone.