Addded context support

access.go

@@ -1,6 +1,7 @@
 package osin
 
 import (
+	"context"
 	"crypto/sha256"
 	"encoding/base64"
 	"errors"
@@ -151,6 +152,7 @@ func (s *Server) HandleAccessRequest(w *Response, r *http.Request) *AccessReques
 
 func (s *Server) handleAuthorizationCodeRequest(w *Response, r *http.Request) *AccessRequest {
 	// get client authentication
+	ctx := r.Context()
 	auth := s.getClientAuth(w, r, s.Config.AllowClientSecretInParams)
 	if auth == nil {
 		return nil
@@ -174,13 +176,13 @@ func (s *Server) handleAuthorizationCodeRequest(w *Response, r *http.Request) *A
 	}
 
 	// must have a valid client
-	if ret.Client = s.getClient(auth, w.Storage, w); ret.Client == nil {
+	if ret.Client = s.getClient(ctx, auth, w.Storage, w); ret.Client == nil {
 		return nil
 	}
 
 	// must be a valid authorization code
 	var err error
-	ret.AuthorizeData, err = w.Storage.LoadAuthorize(ret.Code)
+	ret.AuthorizeData, err = w.Storage.LoadAuthorize(ctx, ret.Code)
 	if err != nil {
 		s.setErrorAndLog(w, E_INVALID_GRANT, err, "auth_code_request=%s", "error loading authorize data")
 		return nil
@@ -285,6 +287,7 @@ func extraScopes(access_scopes, refresh_scopes string) bool {
 
 func (s *Server) handleRefreshTokenRequest(w *Response, r *http.Request) *AccessRequest {
 	// get client authentication
+	ctx := r.Context()
 	auth := s.getClientAuth(w, r, s.Config.AllowClientSecretInParams)
 	if auth == nil {
 		return nil
@@ -307,13 +310,13 @@ func (s *Server) handleRefreshTokenRequest(w *Response, r *http.Request) *Access
 	}
 
 	// must have a valid client
-	if ret.Client = s.getClient(auth, w.Storage, w); ret.Client == nil {
+	if ret.Client = s.getClient(ctx, auth, w.Storage, w); ret.Client == nil {
 		return nil
 	}
 
 	// must be a valid refresh code
 	var err error
-	ret.AccessData, err = w.Storage.LoadRefresh(ret.Code)
+	ret.AccessData, err = w.Storage.LoadRefresh(ctx, ret.Code)
 	if err != nil {
 		s.setErrorAndLog(w, E_INVALID_GRANT, err, "refresh_token=%s", "error loading access data")
 		return nil
@@ -356,6 +359,7 @@ func (s *Server) handleRefreshTokenRequest(w *Response, r *http.Request) *Access
 
 func (s *Server) handlePasswordRequest(w *Response, r *http.Request) *AccessRequest {
 	// get client authentication
+	ctx := r.Context()
 	auth := s.getClientAuth(w, r, s.Config.AllowClientSecretInParams)
 	if auth == nil {
 		return nil
@@ -379,7 +383,7 @@ func (s *Server) handlePasswordRequest(w *Response, r *http.Request) *AccessRequ
 	}
 
 	// must have a valid client
-	if ret.Client = s.getClient(auth, w.Storage, w); ret.Client == nil {
+	if ret.Client = s.getClient(ctx, auth, w.Storage, w); ret.Client == nil {
 		return nil
 	}
 
@@ -391,6 +395,7 @@ func (s *Server) handlePasswordRequest(w *Response, r *http.Request) *AccessRequ
 
 func (s *Server) handleClientCredentialsRequest(w *Response, r *http.Request) *AccessRequest {
 	// get client authentication
+	ctx := r.Context()
 	auth := s.getClientAuth(w, r, s.Config.AllowClientSecretInParams)
 	if auth == nil {
 		return nil
@@ -406,7 +411,7 @@ func (s *Server) handleClientCredentialsRequest(w *Response, r *http.Request) *A
 	}
 
 	// must have a valid client
-	if ret.Client = s.getClient(auth, w.Storage, w); ret.Client == nil {
+	if ret.Client = s.getClient(ctx, auth, w.Storage, w); ret.Client == nil {
 		return nil
 	}
 
@@ -418,6 +423,7 @@ func (s *Server) handleClientCredentialsRequest(w *Response, r *http.Request) *A
 
 func (s *Server) handleAssertionRequest(w *Response, r *http.Request) *AccessRequest {
 	// get client authentication
+	ctx := r.Context()
 	auth := s.getClientAuth(w, r, s.Config.AllowClientSecretInParams)
 	if auth == nil {
 		return nil
@@ -441,7 +447,7 @@ func (s *Server) handleAssertionRequest(w *Response, r *http.Request) *AccessReq
 	}
 
 	// must have a valid client
-	if ret.Client = s.getClient(auth, w.Storage, w); ret.Client == nil {
+	if ret.Client = s.getClient(ctx, auth, w.Storage, w); ret.Client == nil {
 		return nil
 	}
 
@@ -453,6 +459,7 @@ func (s *Server) handleAssertionRequest(w *Response, r *http.Request) *AccessReq
 
 func (s *Server) FinishAccessRequest(w *Response, r *http.Request, ar *AccessRequest) {
 	// don't process if is already an error
+	ctx := r.Context()
 	if w.IsError {
 		return
 	}
@@ -489,22 +496,22 @@ func (s *Server) FinishAccessRequest(w *Response, r *http.Request, ar *AccessReq
 		}
 
 		// save access token
-		if err = w.Storage.SaveAccess(ret); err != nil {
+		if err = w.Storage.SaveAccess(ctx, ret); err != nil {
 			s.setErrorAndLog(w, E_SERVER_ERROR, err, "finish_access_request=%s", "error saving access token")
 			return
 		}
 
 		// remove authorization token
 		if ret.AuthorizeData != nil {
-			w.Storage.RemoveAuthorize(ret.AuthorizeData.Code)
+			w.Storage.RemoveAuthorize(ctx, ret.AuthorizeData.Code)
 		}
 
 		// remove previous access token
 		if ret.AccessData != nil && !s.Config.RetainTokenAfterRefresh {
 			if ret.AccessData.RefreshToken != "" {
-				w.Storage.RemoveRefresh(ret.AccessData.RefreshToken)
+				w.Storage.RemoveRefresh(ctx, ret.AccessData.RefreshToken)
 			}
-			w.Storage.RemoveAccess(ret.AccessData.AccessToken)
+			w.Storage.RemoveAccess(ctx, ret.AccessData.AccessToken)
 		}
 
 		// output data
@@ -526,8 +533,9 @@ func (s *Server) FinishAccessRequest(w *Response, r *http.Request, ar *AccessReq
 
 // getClient looks up and authenticates the basic auth using the given
 // storage. Sets an error on the response if auth fails or a server error occurs.
-func (s Server) getClient(auth *BasicAuth, storage Storage, w *Response) Client {
-	client, err := storage.GetClient(auth.Username)
+func (s Server) getClient(ctx context.Context, auth *BasicAuth, storage Storage, w *Response) Client {
+
+	client, err := storage.GetClient(ctx, auth.Username)
 	if err == ErrNotFound {
 		s.setErrorAndLog(w, E_UNAUTHORIZED_CLIENT, nil, "get_client=%s", "not found")
 		return nil

access_test.go

@@ -1,6 +1,7 @@
 package osin
 
 import (
+	"context"
 	"net/http"
 	"net/url"
 	"testing"
@@ -79,7 +80,7 @@ func TestAccessRefreshToken(t *testing.T) {
 	}
 	//fmt.Printf("%+v", resp)
 
-	if _, err := server.Storage.LoadRefresh("r9999"); err == nil {
+	if _, err := server.Storage.LoadRefresh(req.Context(), "r9999"); err == nil {
 		t.Fatalf("token was not deleted")
 	}
 
@@ -130,7 +131,7 @@ func TestAccessRefreshTokenSaveToken(t *testing.T) {
 	}
 	//fmt.Printf("%+v", resp)
 
-	if _, err := server.Storage.LoadRefresh("r9999"); err != nil {
+	if _, err := server.Storage.LoadRefresh(req.Context(), "r9999"); err != nil {
 		t.Fatalf("token incorrectly deleted: %s", err.Error())
 	}
 
@@ -293,15 +294,15 @@ func TestGetClientWithoutMatcher(t *testing.T) {
 	storage := &TestingStorage{clients: map[string]Client{myclient.Id: myclient}}
 	sconfig := NewServerConfig()
 	server := NewServer(sconfig, storage)
-
+	ctx := context.Background()
 	// Ensure bad secret fails
 	{
 		auth := &BasicAuth{
 			Username: "myclient",
 			Password: "invalidsecret",
 		}
 		w := &Response{}
-		client := server.getClient(auth, storage, w)
+		client := server.getClient(ctx, auth, storage, w)
 		if client != nil {
 			t.Errorf("Expected error, got client: %v", client)
 		}
@@ -322,7 +323,7 @@ func TestGetClientWithoutMatcher(t *testing.T) {
 			Password: "nonexistent",
 		}
 		w := &Response{}
-		client := server.getClient(auth, storage, w)
+		client := server.getClient(ctx, auth, storage, w)
 		if client != nil {
 			t.Errorf("Expected error, got client: %v", client)
 		}
@@ -343,7 +344,7 @@ func TestGetClientWithoutMatcher(t *testing.T) {
 			Password: "myclientsecret",
 		}
 		w := &Response{}
-		client := server.getClient(auth, storage, w)
+		client := server.getClient(ctx, auth, storage, w)
 		if client != myclient {
 			t.Errorf("Expected client, got nil with response: %v", w)
 		}
@@ -374,15 +375,15 @@ func TestGetClientSecretMatcher(t *testing.T) {
 	storage := &TestingStorage{clients: map[string]Client{myclient.Id: myclient}}
 	sconfig := NewServerConfig()
 	server := NewServer(sconfig, storage)
-
+	ctx := context.Background()
 	// Ensure bad secret fails, but does not panic (doesn't call GetSecret)
 	{
 		auth := &BasicAuth{
 			Username: "myclient",
 			Password: "invalidsecret",
 		}
 		w := &Response{}
-		client := server.getClient(auth, storage, w)
+		client := server.getClient(ctx, auth, storage, w)
 		if client != nil {
 			t.Errorf("Expected error, got client: %v", client)
 		}
@@ -395,7 +396,7 @@ func TestGetClientSecretMatcher(t *testing.T) {
 			Password: "myclientsecret",
 		}
 		w := &Response{}
-		client := server.getClient(auth, storage, w)
+		client := server.getClient(ctx, auth, storage, w)
 		if client != myclient {
 			t.Errorf("Expected client, got nil with response: %v", w)
 		}
@@ -437,12 +438,13 @@ func TestAccessAuthorizationCodePKCE(t *testing.T) {
 	}
 
 	for k, test := range testcases {
+		ctx := context.Background()
 		testStorage := NewTestingStorage()
 		sconfig := NewServerConfig()
 		sconfig.AllowedAccessTypes = AllowedAccessType{AUTHORIZATION_CODE}
 		server := NewServer(sconfig, testStorage)
 		server.AccessTokenGen = &TestingAccessTokenGen{}
-		server.Storage.SaveAuthorize(&AuthorizeData{
+		server.Storage.SaveAuthorize(ctx, &AuthorizeData{
 			Client:              testStorage.clients["public-client"],
 			Code:                "pkce-code",
 			ExpiresIn:           3600,

authorize.go

@@ -105,7 +105,7 @@ type AuthorizeTokenGen interface {
 // authorization requests
 func (s *Server) HandleAuthorizeRequest(w *Response, r *http.Request) *AuthorizeRequest {
 	r.ParseForm()
-
+	ctx := r.Context()
 	// create the authorization request
 	unescapedUri, err := url.QueryUnescape(r.FormValue("redirect_uri"))
 	if err != nil {
@@ -123,7 +123,7 @@ func (s *Server) HandleAuthorizeRequest(w *Response, r *http.Request) *Authorize
 	}
 
 	// must have a valid client
-	ret.Client, err = w.Storage.GetClient(r.FormValue("client_id"))
+	ret.Client, err = w.Storage.GetClient(ctx, r.FormValue("client_id"))
 	if err == ErrNotFound {
 		w.SetErrorState(E_UNAUTHORIZED_CLIENT, "", ret.State)
 		return nil
@@ -153,7 +153,7 @@ func (s *Server) HandleAuthorizeRequest(w *Response, r *http.Request) *Authorize
 		w.InternalError = err
 		return nil
 	} else {
-		ret.RedirectUri =  realRedirectUri
+		ret.RedirectUri = realRedirectUri
 	}
 
 	w.SetRedirect(ret.RedirectUri)
@@ -207,6 +207,7 @@ func (s *Server) HandleAuthorizeRequest(w *Response, r *http.Request) *Authorize
 
 func (s *Server) FinishAuthorizeRequest(w *Response, r *http.Request, ar *AuthorizeRequest) {
 	// don't process if is already an error
+	ctx := r.Context()
 	if w.IsError {
 		return
 	}
@@ -260,7 +261,7 @@ func (s *Server) FinishAuthorizeRequest(w *Response, r *http.Request, ar *Author
 			ret.Code = code
 
 			// save authorization token
-			if err = w.Storage.SaveAuthorize(ret); err != nil {
+			if err = w.Storage.SaveAuthorize(ctx, ret); err != nil {
 				w.SetErrorState(E_SERVER_ERROR, "", ar.State)
 				w.InternalError = err
 				return

authorize_test.go

@@ -227,7 +227,7 @@ func TestAuthorizeCodePKCEPlain(t *testing.T) {
 		t.Fatalf("Unexpected authorization code: %s", code)
 	}
 
-	token, err := server.Storage.LoadAuthorize(code)
+	token, err := server.Storage.LoadAuthorize(req.Context(), code)
 	if err != nil {
 		t.Fatalf("Unexpected error: %s", err)
 	}
@@ -283,7 +283,7 @@ func TestAuthorizeCodePKCES256(t *testing.T) {
 		t.Fatalf("Unexpected authorization code: %s", code)
 	}
 
-	token, err := server.Storage.LoadAuthorize(code)
+	token, err := server.Storage.LoadAuthorize(req.Context(), code)
 	if err != nil {
 		t.Fatalf("Unexpected error: %s", err)
 	}

example/complete/complete.go

@@ -5,10 +5,11 @@ package main
 
 import (
 	"fmt"
-	"github.com/RangelReale/osin"
-	"github.com/RangelReale/osin/example"
 	"net/http"
 	"net/url"
+
+	"github.com/RangelReale/osin"
+	"github.com/RangelReale/osin/example"
 )
 
 func main() {

example/openidconnect/openidconnect.go

@@ -16,8 +16,6 @@ import (
 
 	"github.com/RangelReale/osin"
 	"github.com/RangelReale/osin/example"
-
-	"gopkg.in/square/go-jose.v1"
 )
 
 var (

example/osincliclient/osincliclient.go

@@ -6,10 +6,11 @@ package main
 
 import (
 	"fmt"
+	"net/http"
+
 	"github.com/RangelReale/osin"
 	"github.com/RangelReale/osin/example"
 	"github.com/RangelReale/osincli"
-	"net/http"
 )
 
 func main() {

example/simple/simple.go

@@ -5,10 +5,11 @@ package main
 
 import (
 	"fmt"
-	"github.com/RangelReale/osin"
-	"github.com/RangelReale/osin/example"
 	"net/http"
 	"net/url"
+
+	"github.com/RangelReale/osin"
+	"github.com/RangelReale/osin/example"
 )
 
 func main() {

example/teststorage.go

@@ -2,6 +2,7 @@ package example
 
 import (
 	"fmt"
+
 	"github.com/RangelReale/osin"
 )
 

info.go

@@ -15,6 +15,7 @@ type InfoRequest struct {
 // NOT an RFC specification.
 func (s *Server) HandleInfoRequest(w *Response, r *http.Request) *InfoRequest {
 	r.ParseForm()
+	ctx := r.Context()
 	bearer := CheckBearerAuth(r)
 	if bearer == nil {
 		s.setErrorAndLog(w, E_INVALID_REQUEST, nil, "handle_info_request=%s", "bearer is nil")
@@ -34,7 +35,7 @@ func (s *Server) HandleInfoRequest(w *Response, r *http.Request) *InfoRequest {
 	var err error
 
 	// load access data
-	ret.AccessData, err = w.Storage.LoadAccess(ret.Code)
+	ret.AccessData, err = w.Storage.LoadAccess(ctx, ret.Code)
 	if err != nil {
 		s.setErrorAndLog(w, E_INVALID_REQUEST, err, "handle_info_request=%s", "failed to load access data")
 		return nil