search

google / oauth2l

oauth2l ("oauth tool") is a simple CLI for interacting with Google API authentication.
Apache License 2.0
643 stars 81 forks source link

Service Account flow - 2 Legged Oauth Golang #93

Closed supreetd21 closed 4 years ago

supreetd21 commented 4 years ago

I know possibly this isn't the apt place for this question

I want to get the Oauth token from the GCP client credentials. Reference

Works well with oauth2l fetch --credentials ~/Downloads/esp-rainmaker-97663-2f539a842d10.json --scope https://www.googleapis.com/auth/homegraph

When I try with the Golang API, I get the following error.

package main

import (
    "fmt"
    "io/ioutil"
    "log"

    "golang.org/x/oauth2"
    "golang.org/x/oauth2/google"
)

func main() {
    data, err := ioutil.ReadFile("/Users/supreetdeshpande/Downloads/esp-rainmaker-97663-2f539a842d10.json")
    if err != nil {
        log.Fatal(err)
    }
    conf, err := google.JWTConfigFromJSON(data, "https://www.googleapis.com/auth/homegraph")
    if err != nil {
        log.Fatal(err)
    }

    client := conf.Client(oauth2.NoContext)
    response, err := client.Get("...")
    if err != nil {
        log.Fatal(err)
    }
    fmt.Println(response)
}

I have downloaded the credentials and they work well with the Google Actions Test suite. I tried this code but I'm getting 2020/06/02 01:58:56 Get ...: unsupported protocol scheme ""

Often these errors seem to arise due to incorrect token URLs. My configured URI is https://oauth2.googleapis.com/token which conforms as stated here.

To confirm the scheme I replaced ("...") above with the actual URL, response, err := client.Get("https://oauth2.googleapis.com/token") It resulted in the below error, 

&{404 Not Found 404 HTTP/2.0 2 0 map[Alt-Svc:[h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"] Content-Length:[0] Content-Type:[text/html] Date:[Tue, 02 Jun 2020 18:43:01 GMT] Server:[scaffolding on HTTPServer2] X-Content-Type-Options:[nosniff] X-Frame-Options:[SAMEORIGIN] X-Xss-Protection:[0]] {0xc0002a6280} 0 [] false false map[] 0xc00011e300 0xc0000b2370}

Snippet from the JSON file -"token_uri": "https://oauth2.googleapis.com/token", Tried printing the client before the Get call and it did print the correct URL too.

Is there something I could be missing?

supreetd21 commented 4 years ago

The above code is incorrect, for those confused with the service account example in Godoc. Here's the solution - https://github.com/golang/oauth2/issues/280