英文:
How to add query params to google oauth in golang?
问题
在我的用例中,我需要向Google OAuth重定向URL添加一个查询参数。我正在以以下方式添加一个键为redirect
的查询参数:
var (
googleRedirectURL = "http://127.0.0.1:8080/oauth-callback/google"
oauthCfg = &oauth2.Config{
ClientID: "XXXXXXXXXX",
ClientSecret: "XXXXXXXXXX",
Endpoint: google.Endpoint,
RedirectURL: "http://127.0.0.1:8080/oauth-callback/google",
Scopes: []string{"https://www.googleapis.com/auth/userinfo.profile", "https://www.googleapis.com/auth/userinfo.email"},
}
//random string for oauth2 API calls to protect against CSRF
googleOauthStateString = getUUID()
)
const profileInfoURL = "https://www.googleapis.com/oauth2/v1/userinfo?alt=json"
func HandleGoogleLogin(w http.ResponseWriter, r *http.Request) {
redirect := strings.TrimSpace(r.FormValue("redirect"))
if redirect == "" {
httpErrorf(w, "HandleGoogleLogin() :: Missing redirect value for /login")
return
}
q := url.Values{
"redirect": {redirect},
}.Encode()
//params := '{\"redirect\": '+redirect+'}'
log.Printf("HandleGoogleLogin() :: redirect %s ", q)
//param := oauth2.SetAuthURLParam("redirect", q)
// url := oauthCfg.AuthCodeURL("state", param)
//append the redirect URL to the request
oauthCfg.RedirectURL = googleRedirectURL
url := oauthCfg.AuthCodeURL("state")
url = oauthCfg.AuthCodeURL(googleOauthStateString, oauth2.AccessTypeOnline)
url = url + "?redirct=" + q
http.Redirect(w, r, url, http.StatusTemporaryRedirect)
}
但是这会将重定向参数附加到URL的状态参数上。因此,当我比较状态码oauthCfg.AuthCodeURL("state")
时,值会有所不同。我的意思是以下检查:
state := r.FormValue("state")
log.Printf("HandleGoogleCallback() :: state string %s ", state)
if state != googleOauthStateString {
log.Printf("invalid oauth state, expected '%s', got '%s'\n", googleOauthStateString, state)
http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
return
}
我可以使用?
分隔符拆分字符串以获取状态值。但是我认为在Google OAuth中添加查询参数到重定向URL的方法应该有一个标准的方式。有人能给出一些建议吗?
英文:
In my use case I have to add a query param to google oauth redirect URL. I am adding a query param with key as redirect
. I am trying to add in the following way,
var (
googleRedirectURL = "http://127.0.0.1:8080/oauth-callback/google"
oauthCfg = &oauth2.Config{
ClientID: "XXXXXXXXXX",
ClientSecret: "XXXXXXXXXX",
Endpoint: google.Endpoint,
RedirectURL: "http://127.0.0.1:8080/oauth-callback/google",
Scopes: []string{"https://www.googleapis.com/auth/userinfo.profile", "https://www.googleapis.com/auth/userinfo.email"},
}
//random string for oauth2 API calls to protect against CSRF
googleOauthStateString = getUUID()
)
const profileInfoURL = "https://www.googleapis.com/oauth2/v1/userinfo?alt=json"
func HandleGoogleLogin(w http.ResponseWriter, r *http.Request) {
redirect := strings.TrimSpace(r.FormValue("redirect"))
if redirect == "" {
httpErrorf(w, "HandleGoogleLogin() :: Missing redirect value for /login")
return
}
q := url.Values{
"redirect": {redirect},
}.Encode()
//params := '{"redirect": '+redirect+'}'
log.Printf("HandleGoogleLogin() :: redirect %s ", q)
//param := oauth2.SetAuthURLParam("redirect", q)
// url := oauthCfg.AuthCodeURL("state", param)
//append the redirect URL to the request
oauthCfg.RedirectURL = googleRedirectURL
url := oauthCfg.AuthCodeURL("state")
url = oauthCfg.AuthCodeURL(googleOauthStateString, oauth2.AccessTypeOnline)
url = url + "?redirct=" + q
http.Redirect(w, r, url, http.StatusTemporaryRedirect)
}
But this is appending the redirect param to the state param of the url. So when I compare the state code oauthCfg.AuthCodeURL("state")
the value differs. I mean the following check.
state := r.FormValue("state")
log.Printf("HandleGoogleCallback() :: state string %s ", state)
if state != googleOauthStateString {
log.Printf("invalid oauth state, expected '%s', got '%s'\n", googleOauthStateString, state)
http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
return
}
I can split the string to get the state value using ?
delimiter. But I thought there must be a standard way of adding query param to redirect url in google oauth. Could someone give some suggestions on this?
答案1
得分: 2
我认为你离答案很近。这对我有用:
hostDomainOption := oauth2.SetAuthURLParam("hd", "example.com")
authUrl := oAuthConfig.AuthCodeURL("state",
oauth2.AccessTypeOffline,
hostDomainOption)
我认为你可能卡在了注意到AuthCodeURL方法是可变参数的地方。
英文:
I think you're close. This worked for me:
hostDomainOption := oauth2.SetAuthURLParam("hd", "example.com")
authUrl := oAuthConfig.AuthCodeURL("state",
oauth2.AccessTypeOffline,
hostDomainOption)
I think where you might have been stuck is noticing that the AuthCodeURL method is variadic.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论