doujiao6116 2015-04-14 06:15
浏览 119
已采纳

如何在Golang中使用OAuth2正确获取Google电子邮件

I've already tried to authenticate using OAuth sucessfully with golang.com/x/oauth2 library.

// provider variable is oauth2.Config
// scope is: https://www.googleapis.com/auth/userinfo.email
url := provider.AuthCodeURL(``) // redirect URL

after getting redirected back from the client, I send the auth_code successfully

auth_code := ctx.Request.URL.RawQuery // code=XXXX
if len(auth_code) > 5 {
    auth_code = auth_code[5:] // XXXX
}
tok, err := provider.Exchange(oauth2.NoContext, auth_code)
if err == nil {
    client := provider.Client(oauth2.NoContext, tok)
    email_url := `https://www.googleapis.com/auth/userinfo.email`
    //Log.Describe(client)
    response, err := client.Get(email_url) 
    if err == nil {
        ctx.Render(`login_oauth`, response)
        //handled = true
    }
}
//Log.Describe(err)

I found nothing that tells the e-mail part on the response (the Body is empty):

{
    "Status": "200 OK",
    "StatusCode": 200,
    "Proto": "HTTP/1.1",
    "ProtoMajor": 1,
    "ProtoMinor": 1,
    "Header": {
        "Alternate-Protocol": [
            "443:quic,p=0.5"
        ],
        "Cache-Control": [
            "private, max-age=0"
        ],
        "Content-Type": [
            "text/plain"
        ],
        "Date": [
            "Tue, 14 Apr 2015 05:52:17 GMT"
        ],
        "Expires": [
            "Tue, 14 Apr 2015 05:52:17 GMT"
        ],
        "Server": [
            "GSE"
        ],
        "X-Content-Type-Options": [
            "nosniff"
        ],
        "X-Frame-Options": [
            "SAMEORIGIN"
        ],
        "X-Xss-Protection": [
            "1; mode=block"
        ]
    },
    "Body": {}, // empty!!!
    "ContentLength": -1,
    "TransferEncoding": [
        "chunked"
    ],
    "Close": false,
    "Trailer": null,
    "Request": {
        "Method": "GET",
        "URL": {
            "Scheme": "https",
            "Opaque": "",
            "User": null,
            "Host": "www.googleapis.com",
            "Path": "/auth/userinfo.email",
            "RawQuery": "",
            "Fragment": ""
        },
        "Proto": "HTTP/1.1",
        "ProtoMajor": 1,
        "ProtoMinor": 1,
        "Header": {
            "Authorization": [
                "Bearer ya29.VQFRHDe21t7g2cUhN8sUwjpRRi10XldgLe0RFhMe2ZxgyRo7q90HoKES5WmcucwKqtjZdq_KvYjKiQ"
            ]
        },
        "Body": null,
        "ContentLength": 0,
        "TransferEncoding": null,
        "Close": false,
        "Host": "www.googleapis.com",
        "Form": null,
        "PostForm": null,
        "MultipartForm": null,
        "Trailer": null,
        "RemoteAddr": "",
        "RequestURI": "",
        "TLS": null
    },
    "TLS": {
         // really long output
    }
}

First question, how to get the e-mail correctly? without using Google+ API.

edit #2 I've tried using another scope for oauth2.Config:

https://www.googleapis.com/auth/plus.profile.emails.read
https://www.googleapis.com/auth/plus.login
https://www.googleapis.com/auth/plus.me

and try to retrieve the e-mail using newer API:

https://www.googleapis.com/plus/v1/people/me

but it gives 403 Forbidden

edit #3 I've tried using another scope:

openid
profile
email

and try to retrieve the e-mail using this URL:

https://www.googleapis.com/oauth2/v3/userinfo

but it still give empty Body as before.

Second question, can I reuse the oauth2.Config (provider) variable for another user? or should I create a copies for each user?

  • 写回答

1条回答 默认 最新

  • doutang1946 2015-04-14 07:33
    关注

    My bad, I should read the response.Body first, for example:

    response, err = client.Get(`https://accounts.google.com/.well-known/openid-configuration`)
body, err := ioutil.ReadAll(response.Body)
response.Body.Close()

    According to this document, we should fetch from that URL first, then fetch from userinfo_endpoint from the result above to retrieve the e-mail, for example:

    // json := json_to_map(body)
// get json[`userinfo_endpoint`]
// response, err = client.Get(json[`userinfo_endpoint`])
// body, err := ioutil.ReadAll(response.Body)
// response.Body.Close()
// json = json_to_map(body)
// json[`email`]

    For the second question, the oauth2.Config struct is reusable.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥50 导入文件到网吧的电脑并且在重启之后不会被恢复
  • ¥15 (希望可以解决问题)ma和mb文件无法正常打开,打开后是空白,但是有正常内存占用,但可以在打开Maya应用程序后打开场景ma和mb格式。
  • ¥15 绘制多分类任务的roc曲线时只画出了一类的roc,其它的auc显示为nan
  • ¥20 ML307A在使用AT命令连接EMQX平台的MQTT时被拒绝
  • ¥20 腾讯企业邮箱邮件可以恢复么
  • ¥15 有人知道怎么将自己的迁移策略布到edgecloudsim上使用吗?
  • ¥15 错误 LNK2001 无法解析的外部符号
  • ¥50 安装pyaudiokits失败
  • ¥15 计组这些题应该咋做呀
  • ¥60 更换迈创SOL6M4AE卡的时候,驱动要重新装才能使用,怎么解决?