英文:
Get Google Sign In Profile Info From Access Token - Golang
问题
我有以下的JavaScript代码:
auth2.grantOfflineAccess().then(function(codeData) {
if (!codeData) {
alert("出现了一些问题");
return;
}
$.post("/do/signIn/google", codeData, function() { ... });
});
我正在将Google登录的代码发送到我的Golang Web应用程序。
我成功地从POST https://www.googleapis.com/oauth2/v4/token
获取了访问令牌。
我的问题是,我无法获取用户的个人资料信息(例如电子邮件、显示名称等)。
我尝试发送一个请求到GET https://www.googleapis.com/auth/userinfo.profile?access_token=xxx
,但是我收到了一个空的响应(空白的主体)。
英文:
I have the following JavaScript code
auth2.grantOfflineAccess().then(function(codeData) {
if (!codeData) {
alert("Something went wrong");
return;
}
$.post("/do/signIn/google", codeData, function() { ... });
});
I am sending the code for a Google sign in to my golang web app.
I successfully got an access token from POST https://www.googleapis.com/oauth2/v4/token
.
My issue is, I am unable to get the user's profile information (such as email, display name etc.)
I've tried sending a request to GET https://www.googleapis.com/auth/userinfo.profile?access_token=xxx
and I receive an empty response (blank body).
答案1
得分: 1
你必须解码通过 POST https://www.googleapis.com/oauth2/v4/token
返回的 Google ID 令牌,将其转换为 Google+ ID,然后可以使用 GET https://www.googleapis.com/plus/v1/people/[gplusID]?access_token=[accessToken]
。
使用 Go 语言,你可以使用以下函数解码 Google ID 令牌:
func decodeGoogleIDToken(idToken string) (gplusID string, err error) {
var set struct {
Sub string
}
if idToken != "" {
// 检查 base64 解码的填充是否正确
parts := strings.Split(idToken, ".")
if len(parts) < 2 {
return "", fmt.Errorf("Malformed ID token")
}
// 解码 ID 令牌
s := parts[1]
switch len(s) % 4 {
case 2:
s += "=="
case 3:
s += "="
}
b, err := base64.URLEncoding.DecodeString(s)
if err != nil {
return "", fmt.Errorf("Malformed ID token: %v", err)
}
err = json.Unmarshal(b, &set)
if err != nil {
return "", fmt.Errorf("Malformed ID token: %v", err)
}
}
return set.Sub, nil
}
你可以在这里查看一个示例:https://play.golang.org/p/M7sYmE2ztx
英文:
You must decode the Google ID token returned by POST https://www.googleapis.com/oauth2/v4/token
to convert it into a Google+ ID then you may use GET https://www.googleapis.com/plus/v1/people/[gplusID]?access_token=[accessToken]
> Using Go, you can decode the google ID token using the following
> function. Normally, it is critical that you validate an ID token
> before you use it, but since you are communicating directly with
> Google over an intermediary-free HTTPS channel and using your Client
> Secret to authenticate yourself to Google, you can be confident that
> the token you receive really comes from Google and is valid. If your
> server passes the ID token to other components of your app, it is
> extremely important that the other components validate the token
> before using it.
Using Go, you can decode the ID token with the following function.
func decodeGoogleIDToken(idToken string) (gplusID string, err error) {
var set struct {
Sub string
}
if idToken != "" {
// Check that the padding is correct for a base64decode
parts := strings.Split(idToken, ".")
if len(parts) < 2 {
return "", fmt.Errorf("Malformed ID token")
}
// Decode the ID token
s := parts[1]
switch len(s) % 4 {
case 2:
s += "=="
case 3:
s += "="
}
b, err := base64.URLEncoding.DecodeString(s)
if err != nil {
return "", fmt.Errorf("Malformed ID token: %v", err)
}
err = json.Unmarshal(b, &set)
if err != nil {
return "", fmt.Errorf("Malformed ID token: %v", err)
}
}
return set.Sub, nil
}
Check out an example here at https://play.golang.org/p/M7sYmE2ztx
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论