如何正确使用Golang中的OAuth2来获取谷歌电子邮件 [英] How to get google e-mail using OAuth2 in Golang correctly
问题描述
我已经尝试使用OAuth成功验证 golang.com/x/oauth2
库。
//提供者变量是oauth2.Config
//范围是:https://www.googleapis.com/auth/userinfo.email
url:= provider .AuthCodeURL(``)//重定向URL
重定向到客户端后, auth_code
成功
auth_code:= ctx.Request.URL.RawQuery / / code = XXXX
if len(auth_code)> 5 {
auth_code = auth_code [5:] // XXXX
}
tok,err:= provider.Exchange(oauth2.NoContext,auth_code)
if err nil {
client:= provider.Client(oauth2.NoContext,tok)
email_url:= https://www.googleapis.com / auth / userinfo.email`
//Log.Describe (客户端)
响应,err:= client.Get(email_url)
if err == nil {
ctx.Render(`login_oauth`,response)
// handled = true
//Log.Describe(err)
我发现没有任何信息告诉电子邮件部分响应
( Body
为空): p>
{
Status:200 OK,
StatusCode:200,
Proto:HTTP / 1.1,
ProtoMajor:1,
ProtoMinor:1,
Header:{
Alternate-Protocol
443:quic,p = 0.5
,
Cache-Control:[
private,max-age = 0
],
Content-Type:[
text / plain
],
Date:[
Tue,2015年4月14日05:52:17 GMT
],
过期:[
2015年4月14日星期二05:52:17 GMT
,
服务器:[
GSE
],
X-Content-Type-Options:[
nosniff
],
X-Frame-Options: [
SAMEORIGIN
,
X-Xss-Protection:[
1; mode = block
},
Body:{},// empty !!!
ContentLength:-1,
TransferEncoding :[
chunked
],
Close:false,
Trailer:null,
Request:{
Method :GET,
URL:{
Scheme:https,
Opaque:,
User:null,
主机:www.googleapis.com,
路径:/auth/userinfo.email,
RawQuery:,
碎片:
,
Proto:HTTP / 1.1,
ProtoMajor:1,
ProtoMinor:1,
Header: {
Authorization:[
Bearer ya29.VQFRHDe21t7g2cUhN8sUwjpRRi10XldgLe0RFhMe2ZxgyRo7q90HoKES5WmcucwKqtjZdq_KvYjKiQ
]
},
Body:null,
ContentLength:0 ,
TransferEncoding:null,
Close:false,
Host:www.googleapis.com,
Form:null,
PostForm:null,
MultipartForm:null,
Trailer:null,
RemoteAddr:,
RequestURI:,
TLS:null
},
TLS :{
//真正长输出
}
}
第一个问题,如何正确获取电子邮件?而不使用Google+ API。
edit#2 我试过使用另一个范围
for oauth2.Config
:
https://www.googleapis。 com / auth / plus.profile.emails.read
https://www.googleapis.com/auth/plus.login
https://www.googleapis.com/auth/plus.me
并尝试使用更新的API检索电子邮件:
https://www.googleapis.com/plus/v1/people/me
但它给出 403禁止
编辑#3 我尝试过使用另一个作用域:
openid
个人资料
电子邮件
并尝试使用以下网址检索电子邮件:
https://www.googleapis.com/oauth2/v3/userinfo
,但它仍然像以前一样给出空的 Body
。
第二个问题,我可以重复使用 oauth2.Config
( provider
)另一位用户的变量?或者我应该为每个用户创建一个副本?
我不好,我应该阅读响应。 body
首先,例如:
response,err = client.Get(`https:// accounts.google.com / .well-known / openid-configuration`)
body,err:= ioutil.ReadAll(response.Body)
response.Body.Close()
根据这个文档,我们应该首先从该URL获取,然后从上面的结果中获取 userinfo_endpoint
来检索电子邮件,例如:
// json:= json_to_map(body)
//获取json [`userinfo_endpoint`]
// response,err = client.Get(json [`userinfo_endpoint`])
// body,err:= ioutil.ReadAll(response.Body)
// response.Body.Close()
// json = json_to_map(body)
// json [`email`]
对于第二个问题, oauth2.Config
结构是可重用的。
I've already tried to authenticate using OAuth sucessfully with golang.com/x/oauth2
library.
// provider variable is oauth2.Config
// scope is: https://www.googleapis.com/auth/userinfo.email
url := provider.AuthCodeURL(``) // redirect URL
after getting redirected back from the client, I send the auth_code
successfully
auth_code := ctx.Request.URL.RawQuery // code=XXXX
if len(auth_code) > 5 {
auth_code = auth_code[5:] // XXXX
}
tok, err := provider.Exchange(oauth2.NoContext, auth_code)
if err == nil {
client := provider.Client(oauth2.NoContext, tok)
email_url := `https://www.googleapis.com/auth/userinfo.email`
//Log.Describe(client)
response, err := client.Get(email_url)
if err == nil {
ctx.Render(`login_oauth`, response)
//handled = true
}
}
//Log.Describe(err)
I found nothing that tells the e-mail part on the response
(the Body
is empty):
{
"Status": "200 OK",
"StatusCode": 200,
"Proto": "HTTP/1.1",
"ProtoMajor": 1,
"ProtoMinor": 1,
"Header": {
"Alternate-Protocol": [
"443:quic,p=0.5"
],
"Cache-Control": [
"private, max-age=0"
],
"Content-Type": [
"text/plain"
],
"Date": [
"Tue, 14 Apr 2015 05:52:17 GMT"
],
"Expires": [
"Tue, 14 Apr 2015 05:52:17 GMT"
],
"Server": [
"GSE"
],
"X-Content-Type-Options": [
"nosniff"
],
"X-Frame-Options": [
"SAMEORIGIN"
],
"X-Xss-Protection": [
"1; mode=block"
]
},
"Body": {}, // empty!!!
"ContentLength": -1,
"TransferEncoding": [
"chunked"
],
"Close": false,
"Trailer": null,
"Request": {
"Method": "GET",
"URL": {
"Scheme": "https",
"Opaque": "",
"User": null,
"Host": "www.googleapis.com",
"Path": "/auth/userinfo.email",
"RawQuery": "",
"Fragment": ""
},
"Proto": "HTTP/1.1",
"ProtoMajor": 1,
"ProtoMinor": 1,
"Header": {
"Authorization": [
"Bearer ya29.VQFRHDe21t7g2cUhN8sUwjpRRi10XldgLe0RFhMe2ZxgyRo7q90HoKES5WmcucwKqtjZdq_KvYjKiQ"
]
},
"Body": null,
"ContentLength": 0,
"TransferEncoding": null,
"Close": false,
"Host": "www.googleapis.com",
"Form": null,
"PostForm": null,
"MultipartForm": null,
"Trailer": null,
"RemoteAddr": "",
"RequestURI": "",
"TLS": null
},
"TLS": {
// really long output
}
}
First question, how to get the e-mail correctly? without using Google+ API.
edit #2 I've tried using another scope
for oauth2.Config
:
https://www.googleapis.com/auth/plus.profile.emails.read
https://www.googleapis.com/auth/plus.login
https://www.googleapis.com/auth/plus.me
and try to retrieve the e-mail using newer API:
https://www.googleapis.com/plus/v1/people/me
but it gives 403 Forbidden
edit #3 I've tried using another scope:
openid
profile
email
and try to retrieve the e-mail using this URL:
https://www.googleapis.com/oauth2/v3/userinfo
but it still give empty Body
as before.
Second question, can I reuse the oauth2.Config
(provider
) variable for another user? or should I create a copies for each user?
My bad, I should read the response.Body
first, for example:
response, err = client.Get(`https://accounts.google.com/.well-known/openid-configuration`)
body, err := ioutil.ReadAll(response.Body)
response.Body.Close()
According to this document, we should fetch from that URL first, then fetch from userinfo_endpoint
from the result above to retrieve the e-mail, for example:
// json := json_to_map(body)
// get json[`userinfo_endpoint`]
// response, err = client.Get(json[`userinfo_endpoint`])
// body, err := ioutil.ReadAll(response.Body)
// response.Body.Close()
// json = json_to_map(body)
// json[`email`]
For the second question, the oauth2.Config
struct is reusable.
这篇关于如何正确使用Golang中的OAuth2来获取谷歌电子邮件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!