问题

在我的用例中，我需要向Google OAuth重定向URL添加一个查询参数。我正在以以下方式添加一个键为redirect的查询参数：

var (
    googleRedirectURL = "http://127.0.0.1:8080/oauth-callback/google"
    oauthCfg = &oauth2.Config{
        ClientID:     "XXXXXXXXXX",
        ClientSecret: "XXXXXXXXXX",
        Endpoint:     google.Endpoint,
        RedirectURL:  "http://127.0.0.1:8080/oauth-callback/google",
        Scopes:       []string{"https://www.googleapis.com/auth/userinfo.profile", "https://www.googleapis.com/auth/userinfo.email"},
    }
    //random string for oauth2 API calls to protect against CSRF
    googleOauthStateString = getUUID()
)

const profileInfoURL = "https://www.googleapis.com/oauth2/v1/userinfo?alt=json"

func HandleGoogleLogin(w http.ResponseWriter, r *http.Request) {
    redirect := strings.TrimSpace(r.FormValue("redirect"))
    if redirect == "" {
        httpErrorf(w, "HandleGoogleLogin() :: Missing redirect value for /login")
        return
    }
    q := url.Values{
        "redirect": {redirect},
    }.Encode()
    
    //params := '{\"redirect\": '+redirect+'}'
    log.Printf("HandleGoogleLogin() :: redirect %s ", q)

    //param     := oauth2.SetAuthURLParam("redirect", q)
    // url     := oauthCfg.AuthCodeURL("state", param)

    //append the redirect URL to the request
    oauthCfg.RedirectURL = googleRedirectURL
    url := oauthCfg.AuthCodeURL("state")
    url = oauthCfg.AuthCodeURL(googleOauthStateString, oauth2.AccessTypeOnline)
    url = url + "?redirct=" + q
    http.Redirect(w, r, url, http.StatusTemporaryRedirect)
}

但是这会将重定向参数附加到URL的状态参数上。因此，当我比较状态码oauthCfg.AuthCodeURL("state")时，值会有所不同。我的意思是以下检查：

state := r.FormValue("state")
log.Printf("HandleGoogleCallback() :: state string %s ", state)
if state != googleOauthStateString {
    log.Printf("invalid oauth state, expected '%s', got '%s'\n", googleOauthStateString, state)
    http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
    return
}

我可以使用?分隔符拆分字符串以获取状态值。但是我认为在Google OAuth中添加查询参数到重定向URL的方法应该有一个标准的方式。有人能给出一些建议吗？

英文:

In my use case I have to add a query param to google oauth redirect URL. I am adding a query param with key as redirect. I am trying to add in the following way,

var (
	googleRedirectURL = &quot;http://127.0.0.1:8080/oauth-callback/google&quot;
	oauthCfg = &amp;oauth2.Config{
		ClientID:     &quot;XXXXXXXXXX&quot;,
		ClientSecret: &quot;XXXXXXXXXX&quot;,
		Endpoint:     google.Endpoint,
		RedirectURL:  &quot;http://127.0.0.1:8080/oauth-callback/google&quot;,
		Scopes:       []string{&quot;https://www.googleapis.com/auth/userinfo.profile&quot;, &quot;https://www.googleapis.com/auth/userinfo.email&quot;},
	}
	//random string for oauth2 API calls to protect against CSRF
	googleOauthStateString = getUUID()
)

const profileInfoURL = &quot;https://www.googleapis.com/oauth2/v1/userinfo?alt=json&quot;

func HandleGoogleLogin(w http.ResponseWriter, r *http.Request) {
	redirect := strings.TrimSpace(r.FormValue(&quot;redirect&quot;))
	if redirect == &quot;&quot; {
		httpErrorf(w, &quot;HandleGoogleLogin() :: Missing redirect value for /login&quot;)
		return
	}
	q := url.Values{
		&quot;redirect&quot;: {redirect},
	}.Encode()
	
	//params := &#39;{&quot;redirect&quot;: &#39;+redirect+&#39;}&#39;
	log.Printf(&quot;HandleGoogleLogin() :: redirect %s &quot;, q)

	//param 	:= oauth2.SetAuthURLParam(&quot;redirect&quot;, q)
	// url 	:= oauthCfg.AuthCodeURL(&quot;state&quot;, param)

	//append the redirect URL to the request
	oauthCfg.RedirectURL = googleRedirectURL
	url := oauthCfg.AuthCodeURL(&quot;state&quot;)
	url = oauthCfg.AuthCodeURL(googleOauthStateString, oauth2.AccessTypeOnline)
	url = url + &quot;?redirct=&quot; + q
	http.Redirect(w, r, url, http.StatusTemporaryRedirect)
}

But this is appending the redirect param to the state param of the url. So when I compare the state code oauthCfg.AuthCodeURL("state") the value differs. I mean the following check.

state := r.FormValue(&quot;state&quot;)
log.Printf(&quot;HandleGoogleCallback() :: state string %s &quot;, state)
if state != googleOauthStateString {
	log.Printf(&quot;invalid oauth state, expected &#39;%s&#39;, got &#39;%s&#39;\n&quot;, googleOauthStateString, state)
	http.Redirect(w, r, &quot;/&quot;, http.StatusTemporaryRedirect)
	return
}

I can split the string to get the state value using ? delimiter. But I thought there must be a standard way of adding query param to redirect url in google oauth. Could someone give some suggestions on this?

答案1

得分: 2

我认为你离答案很近。这对我有用：

hostDomainOption := oauth2.SetAuthURLParam("hd", "example.com")

authUrl := oAuthConfig.AuthCodeURL("state",
    oauth2.AccessTypeOffline,
    hostDomainOption)

我认为你可能卡在了注意到AuthCodeURL方法是可变参数的地方。

英文:

I think you're close. This worked for me:

hostDomainOption := oauth2.SetAuthURLParam(&quot;hd&quot;, &quot;example.com&quot;)

authUrl := oAuthConfig.AuthCodeURL(&quot;state&quot;,
    oauth2.AccessTypeOffline,
    hostDomainOption)

I think where you might have been stuck is noticing that the AuthCodeURL method is variadic.

通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库，让每个人都能够通过互相帮助和分享经验来进步。

How to add query params to google oauth in golang?

问题

答案1

golang goroutine use SSHAgent auth doesn't work well and throw some unexpect panic

模块化代码在Go中是如何工作的？

Golang的JSON路由配置

为什么 fmt.Fscan 不能将小写字母读取为字节值？

What's the correct way to type hint an empty list as a literal in python?

如何在Highcharts Gantt中更改本地化的星期名称

如何在同一个流中使用多个过滤器和映射函数？

如何使用Map/Set来将代码优化到O(n)？

.NET MAUI Android在GitHub Actions上构建失败，错误代码为1。

如何在Playwright视觉比较中屏蔽多个定位器？

在C++中，可以使用可变模板参数来检索类型的内部类型。

selenium.common.exceptions.StaleElementReferenceException: Message: stale element reference: stale element not found

Creating and opening a URL to log in to Website via Basic Auth with Robot Framework/Selenium (Python)

AG Grid 在上下文菜单中以大文本形式打开

发表评论