Hi, I am pretty new to using golang, and I am trying to implement an oauth2 authorization server. The goal is to grant clients access to information on a resource webserver using this protocol. Also, this auth2 implementation will be between two api services, so there is no need for a gui. What I want to implement is a service where the client (being another api service) will sent a username, password, and scope used for authorization, then have the authorization server return a token that can be used to access resources on the webserver.
Has anybody used the server library @ https://github.com/RangelReale/osin? Also, suggestions would be welcomed, as well as other libraries to look at.
I was recently looking to implement authentication in Go APIs. I decided to use JSON Web Tokens and this package but It seems our cases are a little different as you are looking for authorization.
Before my decision, I also searched a little about OAuth 2.
If you are looking for a ready-made solution there’s Hydra. Unfortunately I did not try it very much so I cannot comment on how good it is but it looks quite promising.
When it comes to implementing OAuth 2, it seems osin is indeed your best bet as it seems to be the most mature and supports many different backends.
If you are working just with Postgres you might also want to check out go-oauth2-server.
There is also oauth2 that supports Redis, MongoDB and BuntDB (which is written in Go!).
(Disclaimer: I haven’t used any of the OAuth 2 libraries so please take my words with a grain of salt.)