英文:
can't get user profile info using Oauth2 in server using id_token provided by client
问题
我尝试使用Google ID在我的网页上登录。我在控制台中记录了用户的id_token。然后我将其复制并传递给服务器,尝试获取用户信息。但是在Golang服务器中出现错误:
> 错误是oauth2: 无法获取令牌:400 Bad Request
响应:{
"error" : "invalid_grant"
}
这是我的服务器端代码。
func main() {go func() {http.ListenAndServe(":8123", nil)}()http.HandleFunc("/", serveFile)http.HandleFunc("/loginUser", loginUser)<-quit}func loginUser(rw http.ResponseWriter, req *http.Request) {id_token, _ := getIdToken(req)conf := oauth2.Config{ClientID: "HIDDEN.apps.googleusercontent.com",ClientSecret: "HIDDEN",Scopes: []string{"https://www.googleapis.com/auth/userinfo.email","https://www.googleapis.com/auth/userinfo.profile",},Endpoint: google.Endpoint,}L.Errorln(id_token)tok, err := conf.Exchange(oauth2.NoContext, id_token)if err != nil {L.Errorln("err is", err)}L.Errorln("token is ", tok)response, err := http.Get("https://www.googleapis.com/oauth2/v2/userinfo?access_token=" + tok.AccessToken)defer response.Body.Close()contents, err := ioutil.ReadAll(response.Body)L.Errorln(contents, err)}
这是我的客户端代码。
<!DOCTYPE html><html><head><meta name="google-signin-scope" content="profile email"><meta name="google-signin-client_id" content="HIDDEN.apps.googleusercontent.com"><script src="https://apis.google.com/js/client:platform.js?" async defer></script><script src="/login.js"></script><link rel="stylesheet" type="text/css" href="/login.css"><title>Wander</title></head><body><div id="g-login" class="g-signin2" data-onsuccess="onSignIn" data-theme="dark"></div><a href="#" onclick="signOut();">Sign out</a><script>function signOut() {var auth2 = gapi.auth2.getAuthInstance();auth2.signOut().then(function () {console.log('User signed out.');});}</script></body></html>
login.js
function onSignIn(googleUser) {// Useful data for your client-side scripts:var profile = googleUser.getBasicProfile();console.log("ID: " + profile.getId()); // 不要直接发送给服务器!console.log('Full Name: ' + profile.getName());console.log('Given Name: ' + profile.getGivenName());console.log('Family Name: ' + profile.getFamilyName());console.log("Image URL: " + profile.getImageUrl());console.log("Email: " + profile.getEmail());// 需要传递给后端的ID令牌:var id_token = googleUser.getAuthResponse().id_token;console.log("ID Token: " + id_token);};
希望这些信息对你有帮助!
英文:
I tried to log in using the google id on my web page. I logged the id_token from the user in console. Then I copied that and passed to a server and tried to get user info. But I get an error in golang server as
> err is oauth2: cannot fetch token: 400 Bad Request
Response: {
"error" : "invalid_grant"
}
This is my serve side code.
func main() {go func() {http.ListenAndServe(":8123", nil)}()http.HandleFunc("/", serveFile)http.HandleFunc("/loginUser", loginUser)<-quit}func loginUser(rw http.ResponseWriter, req *http.Request) {id_token, _ := getIdToken(req)conf := oauth2.Config{ClientID: "HIDDEN.apps.googleusercontent.com",ClientSecret: "HIDDEN",Scopes: []string{"https://www.googleapis.com/auth/userinfo.email","https://www.googleapis.com/auth/userinfo.profile",},Endpoint: google.Endpoint,}L.Errorln(id_token)tok, err := conf.Exchange(oauth2.NoContext, id_token)if err != nil {L.Errorln("err is", err)}L.Errorln("token is ", tok)response, err := http.Get("https://www.googleapis.com/oauth2/v2/userinfo?access_token=" + tok.AccessToken)defer response.Body.Close()contents, err := ioutil.ReadAll(response.Body)L.Errorln(contents, err)
My client side code as follows
<!DOCTYPE html><html><head><meta name="google-signin-scope" content="profile email"><meta name="google-signin-client_id" content="HIDDEN.apps.googleusercontent.com"><script src="https://apis.google.com/js/client:platform.js?" async defer></script><script src="/login.js"></script><link rel="stylesheet" type="text/css" href="/login.css"><title>Wander</title></head><body><div id="g-login" class="g-signin2" data-onsuccess="onSignIn" data-theme="dark" ></div><a href="#" onclick="signOut();">Sign out</a><script>function signOut() {var auth2 = gapi.auth2.getAuthInstance();auth2.signOut().then(function () {console.log('User signed out.');});}</script></body></html>
login.js
function onSignIn(googleUser) {// Useful data for your client-side scripts:var profile = googleUser.getBasicProfile();console.log("ID: " + profile.getId()); // Don't send this directly to your server!console.log('Full Name: ' + profile.getName());console.log('Given Name: ' + profile.getGivenName());console.log('Family Name: ' + profile.getFamilyName());console.log("Image URL: " + profile.getImageUrl());console.log("Email: " + profile.getEmail());// The ID token you need to pass to your backend:var id_token = googleUser.getAuthResponse().id_token;console.log("ID Token: " + id_token);};
答案1
得分: 1
你收到的id_token已经包含了你所需的用户信息。
请访问https://jwt.io查找一个Go库来解码你的令牌。
英文:
The id_token you received already contains the information of the user you need.
See https://jwt.io to find a Go library to decode your token.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论