dongzhang5787 2015-06-24 13:30
浏览 66

Golang Oauth2获取令牌范围

When using Golang's Oauth2 library:

https://godoc.org/golang.org/x/oauth2#Token

I exchange the authorisation code for access token and I get back this struct:

type Token struct {
    // AccessToken is the token that authorizes and authenticates
    // the requests.
    AccessToken string `json:"access_token"`

    // TokenType is the type of token.
    // The Type method returns either this or "Bearer", the default.
    TokenType string `json:"token_type,omitempty"`

    // RefreshToken is a token that's used by the application
    // (as opposed to the user) to refresh the access token
    // if it expires.
    RefreshToken string `json:"refresh_token,omitempty"`

    // Expiry is the optional expiration time of the access token.
    //
    // If zero, TokenSource implementations will reuse the same
    // token forever and RefreshToken or equivalent
    // mechanisms for that TokenSource will not be used.
    Expiry time.Time `json:"expiry,omitempty"`
    // contains filtered or unexported fields
}

Now when I am using this access token in my application, I need to know the scope for which the token was granted.

But I don't see any property or method to get the scope?

How to get the token's scope so I can limit user's permissions based on it?

I can see that the Config struct has Scopes slice:

type Config struct {
    // ClientID is the application's ID.
    ClientID string

    // ClientSecret is the application's secret.
    ClientSecret string

    // Endpoint contains the resource server's token endpoint
    // URLs. These are constants specific to each server and are
    // often available via site-specific packages, such as
    // google.Endpoint or github.Endpoint.
    Endpoint Endpoint

    // RedirectURL is the URL to redirect users going through
    // the OAuth flow, after the resource owner's URLs.
    RedirectURL string

    // Scope specifies optional requested permissions.
    Scopes []string
}

It seems to me there is no way to get scope from a token though?

Surely the point of scope is that it should be part of the access token in order to validate permissions?

See the spec: https://tools.ietf.org/html/rfc6749#page-23

  • 写回答

1条回答 默认 最新

  • dongshuo5101 2017-09-15 17:21
    关注

    this should do the trick

        func GetTokensScope(tokUrl string, clientId string, secret string) (string,error){
        body := bytes.NewBuffer([]byte("grant_type=client_credentials&client_id="+clientId+"&client_secret="+secret+"&response_type=token"))
        req, err := http.NewRequest("POST",tokUrl,body)
        req.Header.Set("Content-Type","application/x-www-form-urlencoded")  
        client := &http.Client{}
        resp, err := client.Do(req)
        if err != nil {
            return "",err
        }

        defer resp.Body.Close()
        rsBody, err := ioutil.ReadAll(resp.Body)
        type WithScope struct {
            Scope string `json:"scope"`
        }
        var dat WithScope
        err = json.Unmarshal(rsBody,&dat)
        if err != nil {
            return "",err
        }

        return dat.Scope,err
    }
    评论

报告相同问题?

悬赏问题

  • ¥50 potsgresql15备份问题
  • ¥15 Mac系统vs code使用phpstudy如何配置debug来调试php
  • ¥15 目前主流的音乐软件,像网易云音乐,QQ音乐他们的前端和后台部分是用的什么技术实现的?求解!
  • ¥60 pb数据库修改与连接
  • ¥15 spss统计中二分类变量和有序变量的相关性分析可以用kendall相关分析吗?
  • ¥15 拟通过pc下指令到安卓系统,如果追求响应速度,尽可能无延迟,是不是用安卓模拟器会优于实体的安卓手机?如果是,可以快多少毫秒?
  • ¥20 神经网络Sequential name=sequential, built=False
  • ¥16 Qphython 用xlrd读取excel报错
  • ¥15 单片机学习顺序问题!!
  • ¥15 ikuai客户端多拨vpn,重启总是有个别重拨不上