dongying9756 2018-09-15 05:27
浏览 114
已采纳

无法从Docker容器内的Google API交换AccessToken

I have a web app written in Go, use oauth2 (package golang.org/x/oauth2) to sign user in by Google (follow this tutorial https://developers.google.com/identity/sign-in/web/server-side-flow).

When I test app on local, it works fine but when I deploy app and run inside a Docker container (base on alpine:latest, run binary file), it has an error: Post https://accounts.google.com/o/oauth2/token: x509: certificate signed by unknown authority

Here is my code to exchange the accessToken:

ctx = context.Background()

config := &oauth2.Config{
    ClientID:     config.GoogleClientId,
    ClientSecret: config.GoogleClientSecret,
    RedirectURL:  config.GoogleLoginRedirectUrl,
    Endpoint:     google.Endpoint,
    Scopes:       []string{"email", "profile"},
}

accessToken, err := config.Exchange(ctx, req.Code)
if err != nil {
    log.Println(err.Error())   // Error here
}
  • 写回答

2条回答 默认 最新

  • douzha5990 2018-09-19 03:17
    关注

    The problem is not caused by Go but Alpine image.

    Default Alpine image does not have certificates so the app cannot call to https address (this case is https://accounts.google.com/o/oauth2/token).

    To fix this problem, install 2 packages openssl and ca-certificates. Example in Dockerfile:

    apk add --no-cache ca-certificates openssl
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 C#算法问题, 不知道怎么处理这个数据的转换
  • ¥15 YoloV5 第三方库的版本对照问题
  • ¥15 请完成下列相关问题!
  • ¥15 drone 推送镜像时候 purge: true 推送完毕后没有删除对应的镜像,手动拷贝到服务器执行结果正确在样才能让指令自动执行成功删除对应镜像,如何解决?
  • ¥15 求daily translation(DT)偏差订正方法的代码
  • ¥15 js调用html页面需要隐藏某个按钮
  • ¥15 ads仿真结果在圆图上是怎么读数的
  • ¥20 Cotex M3的调试和程序执行方式是什么样的?
  • ¥20 java项目连接sqlserver时报ssl相关错误
  • ¥15 一道python难题3