Merge pull request #149 from wregis/custom-client-password-verifier

Allows client to use custom password verification

Author: LyricTian

manage/manager.go

@@ -256,9 +256,15 @@ func (m *Manager) GenerateAccessToken(ctx context.Context, gt oauth2.GrantType,
 	cli, err := m.GetClient(ctx, tgr.ClientID)
 	if err != nil {
 		return nil, err
+	}
+	if cliPass, ok := cli.(oauth2.ClientPasswordVerifier); ok {
+		if !cliPass.VerifyPassword(tgr.ClientSecret) {
+			return nil, errors.ErrInvalidClient
+		}
 	} else if tgr.ClientSecret != cli.GetSecret() {
 		return nil, errors.ErrInvalidClient
-	} else if tgr.RedirectURI != "" {
+	}
+	if tgr.RedirectURI != "" {
 		if err := m.validateURI(cli.GetDomain(), tgr.RedirectURI); err != nil {
 			return nil, err
 		}

model.go

@@ -13,6 +13,11 @@ type (
 		GetUserID() string
 	}
 
+	// ClientPasswordVerifier the password handler interface
+	ClientPasswordVerifier interface {
+		VerifyPassword(string) bool
+	}
+
 	// TokenInfo the token information model interface
 	TokenInfo interface {
 		New() TokenInfo