在Go语言中使用Martini进行Oauth2授权 – Reddit的ResponseWriter语法

huangapple go评论97阅读模式
英文:

Oauth2 in Go with Martini - ResponseWriter syntax for Reddit

问题

我已经在这个问题上纠结了两天,显然是漏掉了什么。我在后端/服务器开发方面有点笨拙,希望有人能指点我正确的方向。

  • 我有一个桌面应用程序(不是Go语言),它从Reddit发出OAuth2请求。
  • 我的应用程序中的OAuth2工作得很好,但是当Reddit访问我的服务器上的重定向URI时,流程失败了。
  • 我猜它在等待正确的ResponseWriter结果,而我十几次无能为力的尝试都没有成功。
  • 重定向URI访问我的服务器和回调函数(如下所示),然后什么都不做。

问题

  • 我做错了什么?
  • 变量“t”是我的授权码吗?我完成了吗(也就是说,你是个傻瓜!)?
  • 我可以将t的值直接写入我的非Go应用程序并完成吗?
  • 还是我漏掉了一步?
  • 注意:代码稍微简化了一下。

谢谢!

package main

import (
    "code.google.com/p/goauth2/oauth"
    "fmt"
    "github.com/codegangsta/martini"
    "io"
    "net/http"
)

var config = &oauth.Config{
    ClientId:     CLIENT_ID,
    ClientSecret: CLIENT_SECRET,
    Scope:        "identify",
    AuthURL:      "https://ssl.reddit.com/api/v1/authorize",
    TokenURL:     "https://ssl.reddit.com/api/v1/access_token",
    RedirectURL:  "http://localhost:3000/reddit_oauth",
}

func main() {
    m := martini.Classic()
    m.Get("/reddit_oauth", handleCallback)
    m.Run()
}

func handleCallback(w http.ResponseWriter, r *http.Request) {
    // 从响应中获取代码
    code := r.FormValue("code")

    // 用接收到的代码交换令牌
    t := &oauth.Transport{Config: config}
    t.Exchange(code)

    // 我完成了吗?
}

参考资料

其他

  • 为什么选择Martini?它看起来非常棒。
  • 为什么不只用OAuth2?因为我无知。
  • 为什么不用PHP/Python?因为,拜托!我正在尝试学习Go语言。(我非常喜欢它,并且取得了一些很好的结果,这增强了我的UI工作。)
英文:

I have been banging my head for two days on this and am clearly missing something. I am a bit of a doofus on backend/server development and hoping someone can point me in the right direction.

  • I have a desktop application (not Go) which makes an OAuth2 request from Reddit.
  • The OAuth2 in my application is working just fine however the flow fails when Reddit hit the redirect URI on my own server.
  • I am guessing it is waiting for the proper ResponseWriter result and none of my dozen incompetent attempts have worked.
  • The redirect URI hits my server and callback function (below) then does nothing.

Questions

  • Where am I going wrong?
  • Is variable "t" my auth code and am I done (aka, you are a buffoon!)?
  • Can I just write t's value to my non-Go app and be done?
  • Or am I missing a step?
  • Note: code slightly simplified.

Thanks!

package main

import (
    "code.google.com/p/goauth2/oauth"
    "fmt"
    "github.com/codegangsta/martini"
    "io"
    "net/http"
)

var config = &oauth.Config{
    ClientId:     CLIENT_ID,
    ClientSecret: CLIENT_SECRET,
    Scope:        "identify",
    AuthURL:      "https://ssl.reddit.com/api/v1/authorize",
    TokenURL:     "https://ssl.reddit.com/api/v1/access_token",
    RedirectURL:  "http://localhost:3000/reddit_oauth",
}

func main() {
    m := martini.Classic()
    m.Get("/reddit_oauth", handleCallback)
    m.Run()
}

func handleCallback(w http.ResponseWriter, r *http.Request) {
    //Get the code from the response
    code := r.FormValue("code")

    // Exchange the received code for a token
    t := &oauth.Transport{Config: config}
    t.Exchange(code)

    // Am I done?
}

Points of reference

Misc

  • Why Martini? It looks bloody great.
  • Why not just Oauth2? Because I am ignorant.
  • Why not PHP/Python? Because, c'mon! I am trying to learn Go. (I am loving it and getting some great results which enhances my UI work.)

答案1

得分: 1

好的,以下是翻译好的内容:

好的,答案主要在我的客户端应用程序中,这个应用程序不是用Go编写的,它在OAuth2请求中有一些缺失的方面。(为了不同的请求,正确设置头部也需要一些努力。)

我找到了Reddit OAuth2过程的最佳信息,可以在这里找到:http://www.reddit.com/r/redditdev/comments/197x36/using_oauth_to_send_valid_requests/

Reddit的响应仍然要求我提供ClientID和ClientSecret,我确信可以通过正确的ResponseWriter来提供这些信息,不过目前我只是将其复制/粘贴到一个弹出窗口中,这样我就可以专注于其他事情了!

当我解决了这个问题后,我会补充到这个答案中。

如果有人对任何更多的信息感兴趣,请随时提问。

再次感谢TomWilde和Elithrar!

英文:

Okay, the answer mostly sat in my client application--again, not Go--which had a few missing aspects in its OAuth2 request. (It also took a little effort to get the headers correct for the different requests.)

The best info for Reddit's OAuth2 process I found was here: http://www.reddit.com/r/redditdev/comments/197x36/using_oauth_to_send_valid_requests/

The response from Reddit still pings me asking for the ClientID and ClientSecret, which I am sure could be served via a proper ResponseWriter, though for the moment I am simply copy/pasting into a popup just so I can focus on something else!

When I get that squared away I will add to this answer.

If anyone is interested in any more information, please do not hesitate to ask.

Thanks again, TomWilde and Elithrar!

答案2

得分: 1

请查看martini-contrib页面上的OAuth2实现。

英文:

Checkout the martini-contrib page for an OAuth2 implementation.

huangapple
  • 本文由 发表于 2013年11月25日 02:57:52
  • 转载请务必保留本文链接:https://go.coder-hub.com/20179497.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定