CODEWITHSUNDEEP
google-app-enginegogoogle-oauthgoogle-api-go-client
quikchange
quikchange

Reputation: 554

How do I use a client ID for OAuth2 on App Engine in Go?

I have some fairly simple Go code running in AppEngine that should be using OAuth2 to fetch the list of files from the user's account. It seems to initialize the service OK but when it tries to fetch the file list, I get this error: OAuthError: RoundTrip: no Token supplied

package foo

import (
    "appengine"
    "appengine/urlfetch"
    "code.google.com/p/goauth2/oauth"
    "code.google.com/p/google-api-go-client/drive/v2"
    "fmt"
    "net/http"
)

var config = &oauth.Config{
    ClientId:     "(redacted).apps.googleusercontent.com",
    ClientSecret: "REDACTED",
    Scope:        "https://www.googleapis.com/auth/drive",
    AuthURL:      "https://accounts.google.com/o/oauth2/auth",
    TokenURL:     "https://accounts.google.com/o/oauth2/token",
}

func init() {
    http.HandleFunc("/", home)
}

func home(w http.ResponseWriter, r *http.Request) {
    c := appengine.NewContext(r)
    transport := &oauth.Transport{
        Config:    config,
        Transport: &urlfetch.Transport{Context: c}}
    svc, err := drive.New(transport.Client())
    if err != nil {
        http.Error(w, err.Error(), http.StatusInternalServerError)
        return
    }
    q := svc.Files.List()
    _, err = q.Do()
    if err != nil {
        http.Error(w, err.Error(), http.StatusInternalServerError)
        return
    }
    fmt.Fprintf(w, "Success!")
}

I cannot figure out what I'm doing wrong here. Any help would be kindly appreciated.

Upvotes: 1

Views: 1084

Answers (2)

Jonathan
Jonathan

Reputation: 616

This page is kinda old but it outlines the steps nicely with Go code. http://golangtutorials.blogspot.com/2011/11/oauth2-3-legged-authorization-in-go-web.html

Upvotes: 3

guelfey
guelfey

Reputation: 1356

The token configuration is not enough; you first have to get a valid access token with the following steps:

  1. Redirect the user to the page returned by AuthCodeURL. The user will be shown the name of your application and the requested permissions.

  2. If the user grants the permissions, they will be redirected to the RedirectURL you gave in the configuration. The URL will contain a query parameter named code.

  3. Retrieve the code parameter and pass it to Exchange. If everything went well, the requests should now be authenticated properly.

Upvotes: 1

Related Questions