Wie Implizite Grant Go mit oauth2

Question

go version go1.7.4 linux/amd64 

Ich versuche, get amazon alexa Login mit oauth2

package main 

import (
    "context" 
    "encoding/json" 
    "fmt" 
    "html/template" 
    "io/ioutil" 
    "log" 
    "net/http" 
    "net/url" 

    "golang.org/x/oauth2" 
    "gopkg.in/oauth2.v3/errors" 
    "gopkg.in/oauth2.v3/manage" 
    "gopkg.in/oauth2.v3/models" 
    "gopkg.in/oauth2.v3/server" 
    "gopkg.in/oauth2.v3/store" 
    "gopkg.in/session.v1" 
) 

var (
    config = oauth2.Config{ 
     ClientID:  "222222", 
     ClientSecret: "22222222", 
     Scopes:  []string{"all"}, 
     RedirectURL: "https://pitangui.amazon.com/spa/skill/account-linking-status.html?vendorId=xxxxxxxxxxxx", 
     Endpoint: oauth2.Endpoint{ 
      AuthURL: "/authorize", 
      TokenURL: "/token", 
     }, 
    } 
    globalSessions *session.Manager 
) 

func init() { 
    globalSessions, _ = session.NewManager("memory", `{"cookieName":"gosessionid","gclifetime":3600}`) 
    go globalSessions.GC() 
} 

func mainHandler(w http.ResponseWriter, r *http.Request) { 

    w.Write([]byte("hello world")) 
    fmt.Println("loginHandler") 
} 

/* 
Function Name : main() 

Function Description : This function is capable of running this application and listen for requests comming in 

*/ 
func main() { 
    http.HandleFunc("/home", mainHandler) 

    // Listen to port 8080 and handle requests 

    //------------------------------client.go--------------------------------------------// 
    http.HandleFunc("/client", func(w http.ResponseWriter, r *http.Request) { 
     log.Println("client") 
     u := config.AuthCodeURL("xyz") 
     http.Redirect(w, r, u, http.StatusFound) 
    }) 
    http.HandleFunc("/oauth2", func(w http.ResponseWriter, r *http.Request) { 
     log.Println("oauth2") 
     log.Println("request url is", r.RequestURI) 
     log.Println("request method", r.Method) 
     requestbody, _ := ioutil.ReadAll(r.Body) 
     log.Println("request body is", string(requestbody)) 
     log.Println("request body is", requestbody) 
     r.ParseForm() 
     state := r.Form.Get("state") 
     if state != "xyz" { 
      http.Error(w, "State invalid", http.StatusBadRequest) 
      return 
     } 
     code := r.Form.Get("code") 
     log.Println("code is", code) 
     if code == "" { 
      http.Error(w, "Code not found", http.StatusBadRequest) 
      return 
     } 
     token, err := config.Exchange(context.Background(), code) 
     if err != nil { 
      http.Error(w, err.Error(), http.StatusInternalServerError) 
      return 
     } 
     log.Println("w is:", *token) 
     e := json.NewEncoder(w) 
     e.SetIndent("", " ") 
     e.Encode(*token) 
    }) 
    //------------------------------client.go--------------------------------------------// 
    //------------------------------server.go--------------------------------------------// 
    manager := manage.NewDefaultManager() 
    // token store 
    manager.MustTokenStorage(store.NewMemoryTokenStore()) 

    clientStore := store.NewClientStore() 
    clientStore.Set("222222", &models.Client{ 
     ID:  "222222", 
     Secret: "22222222", 
     Domain: "", 
    }) 
    manager.MapClientStorage(clientStore) 

    srv := server.NewServer(server.NewConfig(), manager) 
    srv.SetUserAuthorizationHandler(userAuthorizeHandler) 

    srv.SetInternalErrorHandler(func(err error) (re *errors.Response) { 
     log.Println("Internal Error:", err.Error()) 
     return 
    }) 

    srv.SetResponseErrorHandler(func(re *errors.Response) { 
     log.Println("Response Error:", re.Error.Error()) 
    }) 

    http.HandleFunc("/login", loginHandler) 
    http.HandleFunc("/auth", authHandler) 

    http.HandleFunc("/authorize", func(w http.ResponseWriter, r *http.Request) { 
     log.Println("/authorize") 
     requestbody, _ := ioutil.ReadAll(r.Body) 
     log.Println("request body is", requestbody) 
     log.Println("request url is", r.RequestURI) 
     err := srv.HandleAuthorizeRequest(w, r) 
     if err != nil { 
      http.Error(w, err.Error(), http.StatusBadRequest) 
     } 
    }) 

    http.HandleFunc("/token", func(w http.ResponseWriter, r *http.Request) { 
     log.Println("/token") 

     err := srv.HandleTokenRequest(w, r) 
     if err != nil { 
      http.Error(w, err.Error(), http.StatusInternalServerError) 
     } 
    }) 
    //------------------------------server.go--------------------------------------------// 
    http.ListenAndServe(":8080", nil) 

} 

func userAuthorizeHandler(w http.ResponseWriter, r *http.Request) (userID string, err error) { 
    log.Println("userAuthorizeHandler") 
    us, err := globalSessions.SessionStart(w, r) 
    uid := us.Get("UserID") 
    if uid == nil { 
     if r.Form == nil { 
      r.ParseForm() 
     } 
     us.Set("Form", r.Form) 
     w.Header().Set("Location", "/login") 
     w.WriteHeader(http.StatusFound) 
     return 
    } 
    userID = uid.(string) 
    us.Delete("UserID") 
    return 
} 
func loginHandler(w http.ResponseWriter, r *http.Request) { 

    // do whatever you need to do 
    if r.Method == "POST" { 
     fmt.Println("login post method") 
     us, err := globalSessions.SessionStart(w, r) 
     if err != nil { 
      fmt.Println("err:", err) 
      http.Error(w, err.Error(), http.StatusInternalServerError) 
      return 
     } 
     us.Set("LoggedInUserID", "000000") 
     w.Header().Set("Location", "/auth") 
     w.WriteHeader(http.StatusFound) 
     return 
    } 
    myvar := map[string]interface{}{"MyVar": "hiiiiiiiiiiii"} 
    outputHTML(w, "static/login.html", myvar) 
} 

func authHandler(w http.ResponseWriter, r *http.Request) { 
    log.Println("authHandler") 
    log.Println("request url is", r.RequestURI) 
    log.Println("request method", r.Method) 
    requestbody, _ := ioutil.ReadAll(r.Body) 
    log.Println("request body is", string(requestbody)) 
    log.Println("request body is", requestbody) 
    us, err := globalSessions.SessionStart(w, r) 
    if err != nil { 
     http.Error(w, err.Error(), http.StatusInternalServerError) 
     return 
    } 
    log.Println("LoggedInUserID:", us.Get("LoggedInUserID")) 
    if us.Get("LoggedInUserID") == nil { 
     w.Header().Set("Location", "/login") 
     w.WriteHeader(http.StatusFound) 
     return 
    } 
    if r.Method == "POST" { 
     form := us.Get("Form").(url.Values) 
     log.Println("form values entered are", form) 
     u := new(url.URL) 
     u.Path = "/authorize" 
     u.RawQuery = form.Encode() 
     w.Header().Set("Location", u.String()) 
     w.WriteHeader(http.StatusFound) 
     us.Delete("Form") 
     us.Set("UserID", us.Get("LoggedInUserID")) 
     return 
    } 
    myvar := map[string]interface{}{"MyVar": "redirect url:" + "https://pitangui.amazon.com/spa/skill/account-linking-status.html?vendorId=M256OAZNG882Y2"} 
    outputHTML(w, "static/auth.html", myvar) 
} 

func outputHTML(w http.ResponseWriter, filename string, data interface{}) { 
    t, err := template.ParseFiles(filename) 
    if err != nil { 
     http.Error(w, err.Error(), 500) 
     return 
    } 
    if err := t.Execute(w, data); err != nil { 
     http.Error(w, err.Error(), 500) 
     return 
    } 
} 

Ich bin in der Lage zu erreichen oauth durch dieses Beispiel zu implementieren, aber jetzt will ich mit impliziter Erteilung oauth2 implementieren Dieses Beispiel. Angenommen, dieses Beispiel ist keine implizite Erteilung statt response_type = code

Answer 1

Um eine implizite Erteilung zu erreichen, benötigen Sie nur response_type und client_id. Siehe RFC6749. Hier ist die Beispiel-GET-Anfrage

GET /authorize?response_type=token&client_id=s6BhdRkqt3&state=xyz 
     &redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb HTTP/1.1 
    Host: server.example.com 

Sie können es zunächst mit Curl testen. Hier ist die Locken

curl --data "response_type=token&client_id=227a1cb1&state=xyz" https://hosturl/oauth2/authorize