はどのように使用してGETアマゾンのAlexaのログインをしようとしていますのOAuth2

Question

go version go1.7.4 linux/amd64 

を使用して移動中に暗黙の助成を実施するのOAuth2

package main 

import (
    "context" 
    "encoding/json" 
    "fmt" 
    "html/template" 
    "io/ioutil" 
    "log" 
    "net/http" 
    "net/url" 

    "golang.org/x/oauth2" 
    "gopkg.in/oauth2.v3/errors" 
    "gopkg.in/oauth2.v3/manage" 
    "gopkg.in/oauth2.v3/models" 
    "gopkg.in/oauth2.v3/server" 
    "gopkg.in/oauth2.v3/store" 
    "gopkg.in/session.v1" 
) 

var (
    config = oauth2.Config{ 
     ClientID:  "222222", 
     ClientSecret: "22222222", 
     Scopes:  []string{"all"}, 
     RedirectURL: "https://pitangui.amazon.com/spa/skill/account-linking-status.html?vendorId=xxxxxxxxxxxx", 
     Endpoint: oauth2.Endpoint{ 
      AuthURL: "/authorize", 
      TokenURL: "/token", 
     }, 
    } 
    globalSessions *session.Manager 
) 

func init() { 
    globalSessions, _ = session.NewManager("memory", `{"cookieName":"gosessionid","gclifetime":3600}`) 
    go globalSessions.GC() 
} 

func mainHandler(w http.ResponseWriter, r *http.Request) { 

    w.Write([]byte("hello world")) 
    fmt.Println("loginHandler") 
} 

/* 
Function Name : main() 

Function Description : This function is capable of running this application and listen for requests comming in 

*/ 
func main() { 
    http.HandleFunc("/home", mainHandler) 

    // Listen to port 8080 and handle requests 

    //------------------------------client.go--------------------------------------------// 
    http.HandleFunc("/client", func(w http.ResponseWriter, r *http.Request) { 
     log.Println("client") 
     u := config.AuthCodeURL("xyz") 
     http.Redirect(w, r, u, http.StatusFound) 
    }) 
    http.HandleFunc("/oauth2", func(w http.ResponseWriter, r *http.Request) { 
     log.Println("oauth2") 
     log.Println("request url is", r.RequestURI) 
     log.Println("request method", r.Method) 
     requestbody, _ := ioutil.ReadAll(r.Body) 
     log.Println("request body is", string(requestbody)) 
     log.Println("request body is", requestbody) 
     r.ParseForm() 
     state := r.Form.Get("state") 
     if state != "xyz" { 
      http.Error(w, "State invalid", http.StatusBadRequest) 
      return 
     } 
     code := r.Form.Get("code") 
     log.Println("code is", code) 
     if code == "" { 
      http.Error(w, "Code not found", http.StatusBadRequest) 
      return 
     } 
     token, err := config.Exchange(context.Background(), code) 
     if err != nil { 
      http.Error(w, err.Error(), http.StatusInternalServerError) 
      return 
     } 
     log.Println("w is:", *token) 
     e := json.NewEncoder(w) 
     e.SetIndent("", " ") 
     e.Encode(*token) 
    }) 
    //------------------------------client.go--------------------------------------------// 
    //------------------------------server.go--------------------------------------------// 
    manager := manage.NewDefaultManager() 
    // token store 
    manager.MustTokenStorage(store.NewMemoryTokenStore()) 

    clientStore := store.NewClientStore() 
    clientStore.Set("222222", &models.Client{ 
     ID:  "222222", 
     Secret: "22222222", 
     Domain: "", 
    }) 
    manager.MapClientStorage(clientStore) 

    srv := server.NewServer(server.NewConfig(), manager) 
    srv.SetUserAuthorizationHandler(userAuthorizeHandler) 

    srv.SetInternalErrorHandler(func(err error) (re *errors.Response) { 
     log.Println("Internal Error:", err.Error()) 
     return 
    }) 

    srv.SetResponseErrorHandler(func(re *errors.Response) { 
     log.Println("Response Error:", re.Error.Error()) 
    }) 

    http.HandleFunc("/login", loginHandler) 
    http.HandleFunc("/auth", authHandler) 

    http.HandleFunc("/authorize", func(w http.ResponseWriter, r *http.Request) { 
     log.Println("/authorize") 
     requestbody, _ := ioutil.ReadAll(r.Body) 
     log.Println("request body is", requestbody) 
     log.Println("request url is", r.RequestURI) 
     err := srv.HandleAuthorizeRequest(w, r) 
     if err != nil { 
      http.Error(w, err.Error(), http.StatusBadRequest) 
     } 
    }) 

    http.HandleFunc("/token", func(w http.ResponseWriter, r *http.Request) { 
     log.Println("/token") 

     err := srv.HandleTokenRequest(w, r) 
     if err != nil { 
      http.Error(w, err.Error(), http.StatusInternalServerError) 
     } 
    }) 
    //------------------------------server.go--------------------------------------------// 
    http.ListenAndServe(":8080", nil) 

} 

func userAuthorizeHandler(w http.ResponseWriter, r *http.Request) (userID string, err error) { 
    log.Println("userAuthorizeHandler") 
    us, err := globalSessions.SessionStart(w, r) 
    uid := us.Get("UserID") 
    if uid == nil { 
     if r.Form == nil { 
      r.ParseForm() 
     } 
     us.Set("Form", r.Form) 
     w.Header().Set("Location", "/login") 
     w.WriteHeader(http.StatusFound) 
     return 
    } 
    userID = uid.(string) 
    us.Delete("UserID") 
    return 
} 
func loginHandler(w http.ResponseWriter, r *http.Request) { 

    // do whatever you need to do 
    if r.Method == "POST" { 
     fmt.Println("login post method") 
     us, err := globalSessions.SessionStart(w, r) 
     if err != nil { 
      fmt.Println("err:", err) 
      http.Error(w, err.Error(), http.StatusInternalServerError) 
      return 
     } 
     us.Set("LoggedInUserID", "000000") 
     w.Header().Set("Location", "/auth") 
     w.WriteHeader(http.StatusFound) 
     return 
    } 
    myvar := map[string]interface{}{"MyVar": "hiiiiiiiiiiii"} 
    outputHTML(w, "static/login.html", myvar) 
} 

func authHandler(w http.ResponseWriter, r *http.Request) { 
    log.Println("authHandler") 
    log.Println("request url is", r.RequestURI) 
    log.Println("request method", r.Method) 
    requestbody, _ := ioutil.ReadAll(r.Body) 
    log.Println("request body is", string(requestbody)) 
    log.Println("request body is", requestbody) 
    us, err := globalSessions.SessionStart(w, r) 
    if err != nil { 
     http.Error(w, err.Error(), http.StatusInternalServerError) 
     return 
    } 
    log.Println("LoggedInUserID:", us.Get("LoggedInUserID")) 
    if us.Get("LoggedInUserID") == nil { 
     w.Header().Set("Location", "/login") 
     w.WriteHeader(http.StatusFound) 
     return 
    } 
    if r.Method == "POST" { 
     form := us.Get("Form").(url.Values) 
     log.Println("form values entered are", form) 
     u := new(url.URL) 
     u.Path = "/authorize" 
     u.RawQuery = form.Encode() 
     w.Header().Set("Location", u.String()) 
     w.WriteHeader(http.StatusFound) 
     us.Delete("Form") 
     us.Set("UserID", us.Get("LoggedInUserID")) 
     return 
    } 
    myvar := map[string]interface{}{"MyVar": "redirect url:" + "https://pitangui.amazon.com/spa/skill/account-linking-status.html?vendorId=M256OAZNG882Y2"} 
    outputHTML(w, "static/auth.html", myvar) 
} 

func outputHTML(w http.ResponseWriter, filename string, data interface{}) { 
    t, err := template.ParseFiles(filename) 
    if err != nil { 
     http.Error(w, err.Error(), 500) 
     return 
    } 
    if err := t.Execute(w, data); err != nil { 
     http.Error(w, err.Error(), 500) 
     return 
    } 
} 

私はこの例ではOAuthを達成することができていますが、今、私はとの暗黙の補助金のOAuth2を実装したいですこの例。この例は暗黙のgrantではなく、代わりにresponse_type = codeと仮定すると、

Answer 1

を得るには、response_typeとclient_idが必要です。 RFC6749を参照してください。ここにサンプルGETリクエストがあります。

GET /authorize?response_type=token&client_id=s6BhdRkqt3&state=xyz 
     &redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb HTTP/1.1 
    Host: server.example.com 

最初にCurlを使ってテストできます。ここではカール

は

curl --data "response_type=token&client_id=227a1cb1&state=xyz" https://hosturl/oauth2/authorize