- TokenSource">type TokenSource
- Token">type Token
- AuthCodeOption">type AuthCodeOption
- AuthStyle">type AuthStyle
- Config">type Config
- Endpoint">type Endpoint
文档:https://pkg.go.dev/golang.org/x/oauth2
oauth2包包含了OAuth 2.0规范的客户端实现
type TokenSource
type TokenSource interface {Token() (*Token, error)}func ReuseTokenSource(t *Token, src TokenSource) TokenSourcefunc StaticTokenSource(t *Token) TokenSource
type Token
令牌表示用于授权访问OAuth 2.0提供者后端的受保护资源的请求的凭据。 这个包的大多数用户不应该直接访问Token字段。它们主要被导出,供实现派生OAuth2流的相关包使用
type Token struct {AccessToken string `json:"access_token"`TokenType string `json:"token_type,omitempty"`RefreshToken string `json:"refresh_token,omitempty"`Expiry time.Time `json:"expiry,omitempty"`}// Extra返回一个额外的字段。额外的字段是服务器作为令牌检索响应的一部分返回func (t *Token) Extra(key string) interface{}func (t *Token) SetAuthHeader(r *http.Request) // sets the Authorization header to rfunc (t *Token) Type() stringfunc (t *Token) Valid() bool
type AuthCodeOption
An AuthCodeOption is passed to Config.AuthCodeURL
type AuthCodeOption interface {// contains filtered or unexported methods}var (AccessTypeOnline AuthCodeOption = SetAuthURLParam("access_type", "online")AccessTypeOffline AuthCodeOption = SetAuthURLParam("access_type", "offline")// ApprovalForce forces the users to view the consent dialog// and confirm the permissions request at the URL returned// from AuthCodeURL, even if they've already done so.ApprovalForce AuthCodeOption = SetAuthURLParam("prompt", "consent"))func SetAuthURLParam(key, value string) AuthCodeOption
type AuthStyle
AuthStyle表示如何向服务器验证令牌请求
const (// 自动检测AuthStyleAutoDetect AuthStyle = 0// AuthStyleInParams sends the "client_id" and "client_secret"in the POSTAuthStyleInParams AuthStyle = 1// AuthStyleInHeader sends the client_id and client_password// using HTTP Basic AuthorizationAuthStyleInHeader AuthStyle = 2)
type Config
type Config struct {// ClientID is the application's ID.ClientID string// ClientSecret is the application's secret.ClientSecret string// Endpoint contains the resource server's token endpoint URLsEndpoint Endpoint// RedirectURL is the URL to redirect users going through// the OAuth flow, after the resource owner's URLs.RedirectURL string// Scope specifies optional requested permissions.Scopes []string}// AuthCodeURL返回一个URL到OAuth 2.0提供商的许可页面func (c *Config) AuthCodeURL(state string, opts ...AuthCodeOption) string// 使用提供的令牌返回一个HTTP客户端。令牌将根据需要自动刷新。// 底层的HTTP传输将使用提供的上下文获得func (c *Config) Client(ctx context.Context, t *Token) *http.Client// Exchange将授权代码(code)转换为令牌func (c *Config) Exchange(ctx context.Context, code string, opts ...AuthCodeOption) (*Token, error)func (c *Config) TokenSource(ctx context.Context, t *Token) TokenSourcefunc (c *Config) PasswordCredentialsToken(ctx context.Context, username, password string) (*Token, error)
package mainimport ("context""fmt""log""golang.org/x/oauth2")func main() {ctx := context.Background()conf := &oauth2.Config{ClientID: "YOUR_CLIENT_ID",ClientSecret: "YOUR_CLIENT_SECRET",Scopes: []string{"SCOPE1", "SCOPE2"},Endpoint: oauth2.Endpoint{AuthURL: "https://provider.com/o/oauth2/auth",TokenURL: "https://provider.com/o/oauth2/token",},}// Redirect user to consent page to ask for permission// for the scopes specified above.url := conf.AuthCodeURL("state", oauth2.AccessTypeOffline)fmt.Printf("Visit the URL for the auth dialog: %v\n", url)// Use the authorization code that is pushed to the redirect// URL. Exchange will do the handshake to retrieve the// initial access token. The HTTP Client returned by// conf.Client will refresh the token as necessary.var code stringif _, err := fmt.Scan(&code); err != nil {log.Fatal(err)}tok, err := conf.Exchange(ctx, code)if err != nil {log.Fatal(err)}client := conf.Client(ctx, tok)client.Get("...")}
type Endpoint
Endpoint 表示OAuth 2.0提供商的授权和令牌端点url
type Endpoint struct {AuthURL stringTokenURL string// AuthStyle optionally specifies how the endpoint wants the// client ID & client secret sent. The zero value means to// auto-detect.AuthStyle AuthStyle}
若有收获,就点个赞吧
0 人点赞
