英文:
golang Facebook authentication using golang.org/x/oauth2
问题
我正在尝试使用golang.org/x/oauth2包编写一个简单的程序。但是我似乎无法用授权码交换访问令牌。以下错误有点误导人,因为它说授权码已被使用,但每次调用登录对话框时我都会看到一个新的代码。我对golang还不熟悉,可能犯了一个基本的错误,任何指针都将非常有帮助 
clientOptions, err = oauth2.New(oauth2.Client("xxxxxx", "22222222222222"),oauth2.RedirectURL("http://localhost:3000/auth/cb/fb2"),oauth2.Scope("public_profile", "email", "user_friends"),oauth2.Endpoint("https://www.facebook.com/dialog/oauth","https://graph.facebook.com/oauth/access_token",),)func handleFBSetupOauth(w http.ResponseWriter, r *http.Request) {url := clientOptions.AuthCodeURL("state", "online", "auto")fmt.Printf("Visit the URL for the auth dialog: %v", url)http.Redirect(w, r, url, http.StatusFound)}func handleFBOauthCB(w http.ResponseWriter, r *http.Request) (int, string) {var err errorcode := r.FormValue("code")if code == "" {return 500, "No code!"}fmt.Printf("code - %s", code)t, err := clientOptions.NewTransportFromCode(code)if err != nil {log.Fatal(err)}client := http.Client{Transport: t}url := "https://graph.facebook.com/oauth/access_token?client_id=xxxxxxx&redirect_uri=http://localhost:3000/auth/cb/fb2&client_secret=22222222&code=" + code + ""resp, err := client.Get(url)
我从最后一个GET请求中得到以下错误 -
{"error":{"message":"This authorization code has been used.","type":"OAuthException","code":100}}
我正在遵循这两个指南 -
Facebook登录流程 -
https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/v2.2
最新的goauth文档 -
https://godoc.org/golang.org/x/oauth2
英文:
I am trying to write a simple program using the golang.org/x/oauth2 package. But I can't seem to exchange code for an access token. The following error is a bit misleading as it says the authorisation code has been used but I see a new code every time I invoke the login dialog. I am new to golang and I might be making a basic mistake, any pointers would be really helpful
clientOptions, err = oauth2.New(oauth2.Client("xxxxxx", "22222222222222"),oauth2.RedirectURL("http://localhost:3000/auth/cb/fb2"),oauth2.Scope("public_profile", "email", "user_friends"),oauth2.Endpoint("https://www.facebook.com/dialog/oauth","https://graph.facebook.com/oauth/access_token",),)func handleFBSetupOauth(w http.ResponseWriter, r *http.Request) {url := clientOptions.AuthCodeURL("state", "online", "auto")fmt.Printf("Visit the URL for the auth dialog: %v", url)http.Redirect(w, r, url, http.StatusFound)}func handleFBOauthCB(w http.ResponseWriter, r *http.Request) (int, string) {var err errorcode := r.FormValue("code")if code == "" {return 500, "No code!"}fmt.Printf("code - %s", code)t, err := clientOptions.NewTransportFromCode(code)if err != nil {log.Fatal(err)}client := http.Client{Transport: t}url := "https://graph.facebook.com/oauth/access_token?client_id=xxxxxxx&redirect_uri=http://localhost:3000/auth/cb/fb2&client_secret=22222222&code=" + code + ""resp, err := client.Get(url)
I get the following error from the last get request -
{"error":{"message":"This authorization code has been used.","type":"OAuthException","code":100}}
I am following these 2 guides -
Facebook login flow -
https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/v2.2
Latest goauth doc -
https://godoc.org/golang.org/x/oauth2
答案1
得分: 51
以下是一个简单的示例,帮助你入门:
package mainimport ("fmt""io/ioutil""log""net/http""net/url""strings""golang.org/x/oauth2""golang.org/x/oauth2/facebook")var (oauthConf = &oauth2.Config{ClientID: "YOUR_CLIENT_ID",ClientSecret: "YOUR_CLIENT_SECRET",RedirectURL: "YOUR_REDIRECT_URL_CALLBACK",Scopes: []string{"public_profile"},Endpoint: facebook.Endpoint,}oauthStateString = "thisshouldberandom")const htmlIndex = `<html><body>Logged in with <a href="/login">facebook</a></body></html>`func handleMain(w http.ResponseWriter, r *http.Request) {w.Header().Set("Content-Type", "text/html; charset=utf-8")w.WriteHeader(http.StatusOK)w.Write([]byte(htmlIndex))}func handleFacebookLogin(w http.ResponseWriter, r *http.Request) {Url, err := url.Parse(oauthConf.Endpoint.AuthURL)if err != nil {log.Fatal("Parse: ", err)}parameters := url.Values{}parameters.Add("client_id", oauthConf.ClientID)parameters.Add("scope", strings.Join(oauthConf.Scopes, " "))parameters.Add("redirect_uri", oauthConf.RedirectURL)parameters.Add("response_type", "code")parameters.Add("state", oauthStateString)Url.RawQuery = parameters.Encode()url := Url.String()http.Redirect(w, r, url, http.StatusTemporaryRedirect)}func handleFacebookCallback(w http.ResponseWriter, r *http.Request) {state := r.FormValue("state")if state != oauthStateString {fmt.Printf("invalid oauth state, expected '%s', got '%s'\n", oauthStateString, state)http.Redirect(w, r, "/", http.StatusTemporaryRedirect)return}code := r.FormValue("code")token, err := oauthConf.Exchange(oauth2.NoContext, code)if err != nil {fmt.Printf("oauthConf.Exchange() failed with '%s'\n", err)http.Redirect(w, r, "/", http.StatusTemporaryRedirect)return}resp, err := http.Get("https://graph.facebook.com/me?access_token=" +url.QueryEscape(token.AccessToken))if err != nil {fmt.Printf("Get: %s\n", err)http.Redirect(w, r, "/", http.StatusTemporaryRedirect)return}defer resp.Body.Close()response, err := ioutil.ReadAll(resp.Body)if err != nil {fmt.Printf("ReadAll: %s\n", err)http.Redirect(w, r, "/", http.StatusTemporaryRedirect)return}log.Printf("parseResponseBody: %s\n", string(response))http.Redirect(w, r, "/", http.StatusTemporaryRedirect)}func main() {http.HandleFunc("/", handleMain)http.HandleFunc("/login", handleFacebookLogin)http.HandleFunc("/oauth2callback", handleFacebookCallback)fmt.Print("Started running on http://localhost:9090\n")log.Fatal(http.ListenAndServe(":9090", nil))}
这是一个使用Go语言编写的简单示例,用于演示如何使用Facebook的OAuth2进行登录。你需要将其中的YOUR_CLIENT_ID、YOUR_CLIENT_SECRET和YOUR_REDIRECT_URL_CALLBACK替换为你自己的值。该示例创建了一个基本的Web服务器,当用户访问主页时,显示一个链接用于通过Facebook登录。用户点击链接后,将被重定向到Facebook的登录页面,登录成功后会返回一个授权码,然后通过授权码获取访问令牌,最后使用访问令牌获取用户信息。
英文:
Here is a simple example to get you started:
package mainimport ("fmt""io/ioutil""log""net/http""net/url""strings""golang.org/x/oauth2""golang.org/x/oauth2/facebook")var (oauthConf = &oauth2.Config{ClientID: "YOUR_CLIENT_ID",ClientSecret: "YOUR_CLIENT_SECRET",RedirectURL: "YOUR_REDIRECT_URL_CALLBACK",Scopes: []string{"public_profile"},Endpoint: facebook.Endpoint,}oauthStateString = "thisshouldberandom")const htmlIndex = `<html><body>Logged in with <a href="/login">facebook</a></body></html>`func handleMain(w http.ResponseWriter, r *http.Request) {w.Header().Set("Content-Type", "text/html; charset=utf-8")w.WriteHeader(http.StatusOK)w.Write([]byte(htmlIndex))}func handleFacebookLogin(w http.ResponseWriter, r *http.Request) {Url, err := url.Parse(oauthConf.Endpoint.AuthURL)if err != nil {log.Fatal("Parse: ", err)}parameters := url.Values{}parameters.Add("client_id", oauthConf.ClientID)parameters.Add("scope", strings.Join(oauthConf.Scopes, " "))parameters.Add("redirect_uri", oauthConf.RedirectURL)parameters.Add("response_type", "code")parameters.Add("state", oauthStateString)Url.RawQuery = parameters.Encode()url := Url.String()http.Redirect(w, r, url, http.StatusTemporaryRedirect)}func handleFacebookCallback(w http.ResponseWriter, r *http.Request) {state := r.FormValue("state")if state != oauthStateString {fmt.Printf("invalid oauth state, expected '%s', got '%s'\n", oauthStateString, state)http.Redirect(w, r, "/", http.StatusTemporaryRedirect)return}code := r.FormValue("code")token, err := oauthConf.Exchange(oauth2.NoContext, code)if err != nil {fmt.Printf("oauthConf.Exchange() failed with '%s'\n", err)http.Redirect(w, r, "/", http.StatusTemporaryRedirect)return}resp, err := http.Get("https://graph.facebook.com/me?access_token=" +url.QueryEscape(token.AccessToken))if err != nil {fmt.Printf("Get: %s\n", err)http.Redirect(w, r, "/", http.StatusTemporaryRedirect)return}defer resp.Body.Close()response, err := ioutil.ReadAll(resp.Body)if err != nil {fmt.Printf("ReadAll: %s\n", err)http.Redirect(w, r, "/", http.StatusTemporaryRedirect)return}log.Printf("parseResponseBody: %s\n", string(response))http.Redirect(w, r, "/", http.StatusTemporaryRedirect)}func main() {http.HandleFunc("/", handleMain)http.HandleFunc("/login", handleFacebookLogin)http.HandleFunc("/oauth2callback", handleFacebookCallback)fmt.Print("Started running on http://localhost:9090\n")log.Fatal(http.ListenAndServe(":9090", nil))}
答案2
得分: 0
我只会翻译你提供的文本,以下是翻译的结果:
我只是把它作为额外的补充放在这里,希望能为你节省一些时间:
要请求特定的权限,你需要在配置的Scopes字段中定义它们,就像上面的答案中一样:
// 设置 Facebook OAuth 配置
a.FacebookOauthConfig = &oauth2.Config{
ClientID: a.Config.FacebookClientID,
ClientSecret: a.Config.FacebookClientSecret,
RedirectURL: a.Config.FacebookRedirectURL,
Scopes: []string{"public_profile", "email"},
Endpoint: facebook.Endpoint,
}
但是,当请求资源服务器时,你需要显式地请求所需的字段,要特别注意fields=id,name,email:
// 使用令牌访问资源服务器
res, _ := http.Get("https://graph.facebook.com/me?fields=id,name,email&access_token=" + token.AccessToken)
我花了一些时间才弄清楚为什么我没有在响应中得到电子邮件。
此外,你可以自定义对话行为,通过为a.FacebookOauthConfig.AuthCodeURL提供auth_type查询参数的特定值。
oauth2包提供的辅助方法oauth2.SetAuthURLParam可以帮助你初始化oauth2.AuthCodeOption:
func (a *Auth) FacebookLoginHandler(c echo.Context) error {
DialogOption := oauth2.SetAuthURLParam("auth_type", "rerequest")// reauthorize - 总是需要权限// rerequest - 用于被拒绝/撤销的权限// reauthenticate - 总是要求用户确认密码url := a.FacebookOauthConfig.AuthCodeURL(a.Config.FacebookClientState, DialogOption)return c.Redirect(http.StatusTemporaryRedirect, url)
}
英文:
I'll just leave it here as a small addition to rated answer, hopefully, it saves you some time:
To request for certain permissions, you have to define them in config Scopes field, like in answer above:
// setup facebook oauth configa.FacebookOauthConfig = &oauth2.Config{ClientID: a.Config.FacebookClientID,ClientSecret: a.Config.FacebookClientSecret,RedirectURL: a.Config.FacebookRedirectURL,Scopes: []string{"public_profile", "email"},Endpoint: facebook.Endpoint,}
All tho, you need to request desired fields explicitly, when requesting resource server, close attention to fields=id,name,email:
// access resource server using tokenres, _ := http.Get("https://graph.facebook.com/me?fields=id,name,email&access_token=" + token.AccessToken)
Took me a while to figure out why I'm not getting email in response.
In addition, you can customise your dialogue behaviour, providing auth_type query parameter of certain value to a.FacebookOauthConfig.AuthCodeURL.
Helper method oauth2.SetAuthURLParam, provided by oauth2 package, helps you to initialise oauth2.AuthCodeOption:
func (a *Auth) FacebookLoginHandler(c echo.Context) error {DialogOption := oauth2.SetAuthURLParam("auth_type", "rerequest")// reauthorize - always has for permissions// rerequest - for declined/revoked permissions// reauthenticate - always as user to confirm passwordurl := a.FacebookOauthConfig.AuthCodeURL(a.Config.FacebookClientState, DialogOption)return c.Redirect(http.StatusTemporaryRedirect, url)}
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论