| // Copyright 2014 The Go Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style |
| // license that can be found in the LICENSE file. |
| |
| package oauth2_test |
| |
| import ( |
| "context" |
| "fmt" |
| "log" |
| "net/http" |
| "time" |
| |
| "golang.org/x/oauth2" |
| ) |
| |
| func ExampleConfig() { |
| ctx := context.Background() |
| conf := &oauth2.Config{ |
| ClientID: "YOUR_CLIENT_ID", |
| ClientSecret: "YOUR_CLIENT_SECRET", |
| Scopes: []string{"SCOPE1", "SCOPE2"}, |
| Endpoint: oauth2.Endpoint{ |
| AuthURL: "https://provider.com/o/oauth2/auth", |
| TokenURL: "https://provider.com/o/oauth2/token", |
| }, |
| } |
| |
| // use PKCE to protect against CSRF attacks |
| // https://www.ietf.org/archive/id/draft-ietf-oauth-security-topics-22.html#name-countermeasures-6 |
| verifier := oauth2.GenerateVerifier() |
| |
| // Redirect user to consent page to ask for permission |
| // for the scopes specified above. |
| url := conf.AuthCodeURL("state", oauth2.AccessTypeOffline, oauth2.S256ChallengeOption(verifier)) |
| fmt.Printf("Visit the URL for the auth dialog: %v", url) |
| |
| // Use the authorization code that is pushed to the redirect |
| // URL. Exchange will do the handshake to retrieve the |
| // initial access token. The HTTP Client returned by |
| // conf.Client will refresh the token as necessary. |
| var code string |
| if _, err := fmt.Scan(&code); err != nil { |
| log.Fatal(err) |
| } |
| tok, err := conf.Exchange(ctx, code, oauth2.VerifierOption(verifier)) |
| if err != nil { |
| log.Fatal(err) |
| } |
| |
| client := conf.Client(ctx, tok) |
| client.Get("...") |
| } |
| |
| func ExampleConfig_customHTTP() { |
| ctx := context.Background() |
| |
| conf := &oauth2.Config{ |
| ClientID: "YOUR_CLIENT_ID", |
| ClientSecret: "YOUR_CLIENT_SECRET", |
| Scopes: []string{"SCOPE1", "SCOPE2"}, |
| Endpoint: oauth2.Endpoint{ |
| TokenURL: "https://provider.com/o/oauth2/token", |
| AuthURL: "https://provider.com/o/oauth2/auth", |
| }, |
| } |
| |
| // Redirect user to consent page to ask for permission |
| // for the scopes specified above. |
| url := conf.AuthCodeURL("state", oauth2.AccessTypeOffline) |
| fmt.Printf("Visit the URL for the auth dialog: %v", url) |
| |
| // Use the authorization code that is pushed to the redirect |
| // URL. Exchange will do the handshake to retrieve the |
| // initial access token. The HTTP Client returned by |
| // conf.Client will refresh the token as necessary. |
| var code string |
| if _, err := fmt.Scan(&code); err != nil { |
| log.Fatal(err) |
| } |
| |
| // Use the custom HTTP client when requesting a token. |
| httpClient := &http.Client{Timeout: 2 * time.Second} |
| ctx = context.WithValue(ctx, oauth2.HTTPClient, httpClient) |
| |
| tok, err := conf.Exchange(ctx, code) |
| if err != nil { |
| log.Fatal(err) |
| } |
| |
| client := conf.Client(ctx, tok) |
| _ = client |
| } |