oauth2 cannot fetch token: bad request

Question

I write a handler so that when accessing the route /auth/google/callback, I try to login with Google account through OAuth2. The handler is implemented like this:

package route

import (
    "net/http"
    "golang.org/x/oauth2"
    "golang.org/x/oauth2/google"
    "fmt"
)

func GoogleOAuthHandler(w http.ResponseWriter, r *http.Request) {
    conf:=&oauth2.Config{
        ClientID:"myclientid",
        ClientSecret:"myclientsecret",
        RedirectURL:"http://localhost:3000",
        Scopes:[]string{
            "https://www.googleapis.com/auth/userinfo.profile",
            "https://www.googleapis.com/auth/userinfo.email",
        },
        Endpoint:google.Endpoint,
    }

    code := r.URL.Query().Get("code")

    token, err := conf.Exchange(oauth2.NoContext, code)
    if err != nil {
        http.Error(w, err.Error(), http.StatusInternalServerError)
        return
    }

    fmt.Println(token)

    http.Redirect(w, r, "/", http.StatusMovedPermanently)
}

In func main(), http.HandleFunc("/auth/google/callback",route.GoogleOAuthHandler) is setup

When I access that path, it throws an error like this on browser:

oauth2: cannot fetch token: 400 Bad Request
Response: {
  "error" : "invalid_request",
  "error_description" : "Missing required parameter: code"
}

Did I miss something? Please instruct me to make a proper access to OAuth2 and get token and information from Google account

Answer 1

You are trying to access an url parameter (code) which is not defined in your url.

r.URL.Query().Get() returns an url parameter defined in the url address. In your case you are searching for code param, which is missing.

Checking the Exchange method, this converts an authorization code into a token.

func (c *Config) Exchange(ctx context.Context, code string) (*Token, error).

The token in your case is an url parameter, but it's not declared. To sum up please include the token string in the url as a parameter otherwise declare somewhere in your code.