去 - 的oauth2无法获取令牌:坏请求
问题描述:
我写的回调处理程序与谷歌帐户登录:去 - 的oauth2无法获取令牌:坏请求
func GoogleCallbackHandler(w http.ResponseWriter, r *http.Request) {
conf:=&oauth2.Config{
ClientID:"700740834863-m4om9r91htn19htq2b6a05fu6vu4j7i5.apps.googleusercontent.com",
ClientSecret:"...-rB",
RedirectURL:"http://localhost:3000/auth/google/callback",
Scopes:[]string{"profile"},
Endpoint:google.Endpoint,
}
fmt.Println(conf.AuthCodeURL("state"))
code := r.URL.Query().Get("code")
token, err := conf.Exchange(oauth2.NoContext, code)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
client := conf.Client(oauth2.NoContext, token)
resp, err := client.Get("https://www.googleapis.com/userinfo/v2/me")
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
raw, err := ioutil.ReadAll(resp.Body)
defer resp.Body.Close()
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
var profile map[string]interface{}
if err := json.Unmarshal(raw, &profile); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
session, _ := util.GlobalSessions.SessionStart(w, r)
defer session.SessionRelease(w)
session.Set("id_token", token.Extra("id_token"))
session.Set("access_token", token.AccessToken)
session.Set("profile", profile)
// // Redirect to logged in page
http.Redirect(w, r, "/user", http.StatusMovedPermanently)
}
在main
,我所服务的处理
http.HandleFunc("/",route.IndexHandler)
http.HandleFunc("/auth/google/",route.GoogleCallbackHandler)
http.Handle("/user",negroni.New(
negroni.HandlerFunc(route.IsAuthenticated),
negroni.Wrap(http.HandlerFunc(route.UserHandler)),
))
我遇到我得到了同样的问题我的老问题: oauth2 cannot fetch token: bad request
oauth2: cannot fetch token: 400 Bad Request
Response: {
"error" : "invalid_request",
"error_description" : "Missing required parameter: code"
}
在我上次问这个问题后,我设法用上面的代码修复了它,成功地访问并获取了数据,但是昨晚它突然再次出现这个错误,我不明白为什么在最近几天工作后它不再工作使用完全相同的代码
如何从AuthCodeURL
获得code
?有没有办法让代码交换而不重定向到任何其他处理程序?我想要处理,在短短一个此处理所有的事情
答
我可以再增加一个处理器
var (
conf *oauth2.Config
)
func GoogleCallbackHandler(w http.ResponseWriter, r *http.Request) {
conf=&oauth2.Config{
ClientID:"700740834863-m4om9r91htn19htq2b6a05fu6vu4j7i5.apps.googleusercontent.com",
ClientSecret:"...-rB",
RedirectURL:"http://localhost:3000/auth/google/callback",
Scopes:[]string{"profile"},
Endpoint:google.Endpoint,
}
http.Redirect(w, r, conf.AuthCodeURL("state"), http.StatusMovedPermanently)
}
func GoogleLoginHandler(w http.ResponseWriter, r *http.Request) {
code := r.URL.Query().Get("code")
token, err := conf.Exchange(oauth2.NoContext, code)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
client := conf.Client(oauth2.NoContext, token)
resp, err := client.Get("https://www.googleapis.com/userinfo/v2/me")
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
raw, err := ioutil.ReadAll(resp.Body)
defer resp.Body.Close()
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
var profile map[string]interface{}
if err := json.Unmarshal(raw, &profile); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
session, _ := util.GlobalSessions.SessionStart(w, r)
defer session.SessionRelease(w)
session.Set("id_token", token.Extra("id_token"))
session.Set("access_token", token.AccessToken)
session.Set("profile", profile)
http.Redirect(w, r, "/user", http.StatusMovedPermanently)
}
打印出来(日志)的请求期间'code'价值解决它。它是空的吗? – elithrar
就是这样。我不知道为什么几天前,当我登录时,它记录了代码,令牌,甚至是个人资料 – necroface