Programming language: Go
License: MIT License

scope alternatives and similar packages

Based on the "Authentication and OAuth" category.
Alternatively, view scope alternatives based on common mentions on social networks and blogs.

Do you think we are missing an alternative of scope or a related project?

Add another 'Authentication and OAuth' Package


Go Report Card GoDoc GoCover


Easily Manage OAuth2 Scopes In Go

Scope Matching Using Wildcard Strategy

import "github.com/SonicRoshan/scope"

scopeA := "read:user:*"
scopeB := "read:user:username"

doesMatch := scope.MatchScopes(scopeA, scopeB)

This strategy will work like this :-

  • users.* matches users.read
  • users.* matches users.read.foo
  • users.read matches users.read
  • users does not match users.read
  • users.read.* does not match users.read
  • users.*.* does not match users.read
  • users.*.* matches users.read.own
  • users.*.* matches users.read.own.other
  • users.read.* matches users.read.own
  • users.read.* matches users.read.own.other
  • users.write.* does not match users.read.own
  • users.*.bar matches users.baz.bar
  • users.*.bar does not users.baz.baz.bar

Filtering Struct For Read Request

When a client request certain data, this function will eliminate any data in the struct for which the client does not have a read scope.

type user struct {
    username string `readScope:"user:read:username"`
    email string `readScope:"user:read:email"`

func main() {
    output := user{username : "Test", email : "[email protected]"}
    scopesHeldByClient := []string{"user:read:username"}
    scope.FilterRead(output, scopesHeldByClient)

    // Now output.email will be nil as client does not have scope required to read email field

    output := user{username : "Test", email : "[email protected]"}
    scopesHeldByClient := []string{"user:read:*"}
    scope.FilterRead(&output, scopesHeldByClient)

    // Now none of the field in output will be nil as client has scopes to read everything in user struct