英文:
can't get user profile info using Oauth2 in server using id_token provided by client
问题
我尝试使用Google ID在我的网页上登录。我在控制台中记录了用户的id_token。然后我将其复制并传递给服务器,尝试获取用户信息。但是在Golang服务器中出现错误:
> 错误是oauth2: 无法获取令牌:400 Bad Request
响应:{
"error" : "invalid_grant"
}
这是我的服务器端代码。
func main() {
go func() {
http.ListenAndServe(":8123", nil)
}()
http.HandleFunc("/", serveFile)
http.HandleFunc("/loginUser", loginUser)
<-quit
}
func loginUser(rw http.ResponseWriter, req *http.Request) {
id_token, _ := getIdToken(req)
conf := oauth2.Config{
ClientID: "HIDDEN.apps.googleusercontent.com",
ClientSecret: "HIDDEN",
Scopes: []string{
"https://www.googleapis.com/auth/userinfo.email",
"https://www.googleapis.com/auth/userinfo.profile",
},
Endpoint: google.Endpoint,
}
L.Errorln(id_token)
tok, err := conf.Exchange(oauth2.NoContext, id_token)
if err != nil {
L.Errorln("err is", err)
}
L.Errorln("token is ", tok)
response, err := http.Get("https://www.googleapis.com/oauth2/v2/userinfo?access_token=" + tok.AccessToken)
defer response.Body.Close()
contents, err := ioutil.ReadAll(response.Body)
L.Errorln(contents, err)
}
这是我的客户端代码。
<!DOCTYPE html>
<html>
<head>
<meta name="google-signin-scope" content="profile email">
<meta name="google-signin-client_id" content="HIDDEN.apps.googleusercontent.com">
<script src="https://apis.google.com/js/client:platform.js?" async defer></script>
<script src="/login.js"></script>
<link rel="stylesheet" type="text/css" href="/login.css">
<title>Wander</title>
</head>
<body>
<div id="g-login" class="g-signin2" data-onsuccess="onSignIn" data-theme="dark"></div>
<a href="#" onclick="signOut();">Sign out</a>
<script>
function signOut() {
var auth2 = gapi.auth2.getAuthInstance();
auth2.signOut().then(function () {
console.log('User signed out.');
});
}
</script>
</body>
</html>
login.js
function onSignIn(googleUser) {
// Useful data for your client-side scripts:
var profile = googleUser.getBasicProfile();
console.log("ID: " + profile.getId()); // 不要直接发送给服务器!
console.log('Full Name: ' + profile.getName());
console.log('Given Name: ' + profile.getGivenName());
console.log('Family Name: ' + profile.getFamilyName());
console.log("Image URL: " + profile.getImageUrl());
console.log("Email: " + profile.getEmail());
// 需要传递给后端的ID令牌:
var id_token = googleUser.getAuthResponse().id_token;
console.log("ID Token: " + id_token);
};
希望这些信息对你有帮助!
英文:
I tried to log in using the google id on my web page. I logged the id_token from the user in console. Then I copied that and passed to a server and tried to get user info. But I get an error in golang server as
> err is oauth2: cannot fetch token: 400 Bad Request
Response: {
"error" : "invalid_grant"
}
This is my serve side code.
func main() {
go func() {
http.ListenAndServe(":8123", nil)
}()
http.HandleFunc("/", serveFile)
http.HandleFunc("/loginUser", loginUser)
<-quit
}
func loginUser(rw http.ResponseWriter, req *http.Request) {
id_token, _ := getIdToken(req)
conf := oauth2.Config{
ClientID: "HIDDEN.apps.googleusercontent.com",
ClientSecret: "HIDDEN",
Scopes: []string{
"https://www.googleapis.com/auth/userinfo.email",
"https://www.googleapis.com/auth/userinfo.profile",
},
Endpoint: google.Endpoint,
}
L.Errorln(id_token)
tok, err := conf.Exchange(oauth2.NoContext, id_token)
if err != nil {
L.Errorln("err is", err)
}
L.Errorln("token is ", tok)
response, err := http.Get("https://www.googleapis.com/oauth2/v2/userinfo?access_token=" + tok.AccessToken)
defer response.Body.Close()
contents, err := ioutil.ReadAll(response.Body)
L.Errorln(contents, err)
My client side code as follows
<!DOCTYPE html>
<html>
<head>
<meta name="google-signin-scope" content="profile email">
<meta name="google-signin-client_id" content="HIDDEN.apps.googleusercontent.com">
<script src="https://apis.google.com/js/client:platform.js?" async defer>
</script>
<script src="/login.js"></script>
<link rel="stylesheet" type="text/css" href="/login.css">
<title>Wander</title>
</head>
<body>
<div id="g-login" class="g-signin2" data-onsuccess="onSignIn" data-
theme="dark" ></div>
<a href="#" onclick="signOut();">Sign out</a>
<script>
function signOut() {
var auth2 = gapi.auth2.getAuthInstance();
auth2.signOut().then(function () {
console.log('User signed out.');
});
}
</script>
</body>
</html>
login.js
function onSignIn(googleUser) {
// Useful data for your client-side scripts:
var profile = googleUser.getBasicProfile();
console.log("ID: " + profile.getId()); // Don't send this directly to your server!
console.log('Full Name: ' + profile.getName());
console.log('Given Name: ' + profile.getGivenName());
console.log('Family Name: ' + profile.getFamilyName());
console.log("Image URL: " + profile.getImageUrl());
console.log("Email: " + profile.getEmail());
// The ID token you need to pass to your backend:
var id_token = googleUser.getAuthResponse().id_token;
console.log("ID Token: " + id_token);
};
答案1
得分: 1
你收到的id_token已经包含了你所需的用户信息。
请访问https://jwt.io查找一个Go库来解码你的令牌。
英文:
The id_token you received already contains the information of the user you need.
See https://jwt.io to find a Go library to decode your token.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论