Golang App-engine OAuth 授权

huangapple go评论90阅读模式
英文:

Golang App-engine OAuth Authorization

问题

我正在使用Go编写一个在Google App Engine上运行的Web应用程序,需要用户身份验证和授权才能访问一些用户数据。

我是否仍然需要使用goauth2和gorilla包来实现授权,还是在"appengine"和"appengine/user"包中有一些原生支持App Engine应用程序的Oauthorization功能?我不介意继续使用goauth2,但如果有更好的方法...

英文:

I am implementing an app-engine webapp written in Go that needs user authentication and authorization to access some user data on Google's APIs.

Do I still need to use the goauth2 and gorilla packages to implement authorization or is there some functionality in the "appengine" and "appengine/user" packages that implements Oauthorization natively for app-engine apps? I do not mind going ahead with goauth2, but if there is a better way...

答案1

得分: 2

你可以使用"appengine/user"包来进行OAuth身份验证,但是很抱歉,你必须自己实现授权部分。
关于使用"appengine/user"包进行OAuth身份验证,请参考https://developers.google.com/appengine/docs/go/oauth/#Go_OAuth_and_App_Engine。

英文:

You can use the "appengine/user" package for authentication with OAuth but I'm a fraid that you must implement authorization yourself.
For OAuth authentication with "appengine/user" package, see https://developers.google.com/appengine/docs/go/oauth/#Go_OAuth_and_App_Engine

答案2

得分: 2

以下是来自Google App Engine文档网站上的OAuth for Go Overview的示例:

import (
    "fmt"
    "net/http"

    "appengine"
    "appengine/user"
)

func welcome(w http.ResponseWriter, r *http.Request) {
    c := appengine.NewContext(r)
    u, err := user.CurrentOAuth(c, "")
    if err != nil {
        http.Error(w, "OAuth Authorization header required", http.StatusUnauthorized)
        return
    }
    if !u.Admin {
        http.Error(w, "Admin login only", http.StatusUnauthorized)
        return
    }
    fmt.Fprintf(w, "Welcome, admin user %s!", u)
}

看起来appengine/user包中有一个名为user.CurrentOAuth()的函数,提供了身份验证功能。

关于授权,有一个使用OpenID的示例在这里

需要注意的是,文档中指出:

请注意,使用OAuth来识别用户与标准用户身份验证模式完全无关。例如,如果用户仅通过OAuth进行身份验证,那些标记为login: requiredlogin: admin的页面将拒绝加载。

完整的Go GAE参考文档可在这里找到。

英文:

Here's an example from the OAuth for Go Overview on the Google App Engine Docs site:

import (
    "fmt"
    "net/http"

    "appengine"
    "appengine/user"
)

func welcome(w http.ResponseWriter, r *http.Request) {
    c := appengine.NewContext(r)
    u, err := user.CurrentOAuth(c, "")
    if err != nil {
        http.Error(w, "OAuth Authorization header required", http.StatusUnauthorized)
        return
    }
    if !u.Admin {
        http.Error(w, "Admin login only", http.StatusUnauthorized)
        return
    }
    fmt.Fprintf(w, `Welcome, admin user %s!`, u)
}

It looks like appengine/user has the function user.CurrentOAuth() to provide authentication functionality.

For authorization, there's an example using OpenID Here.

There is a caveat; The documentation states:

> Note that using OAuth to identify your users is completely orthogonal to the standard user authentication modes. For example, pages marked with login: required or login: admin will refuse to load if the user is only authenticated via OAuth.

Full Go GAE reference available Here.

huangapple
  • 本文由 发表于 2013年12月18日 17:08:37
  • 转载请务必保留本文链接:https://go.coder-hub.com/20653756.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定