/* This is an example application to demonstrate querying the user info endpoint. */ package main import ( "encoding/json" "log" "net/http" "os" "github.com/ericchiang/oidc" "golang.org/x/net/context" "golang.org/x/oauth2" ) var ( clientID = os.Getenv("GOOGLE_OAUTH2_CLIENT_ID") clientSecret = os.Getenv("GOOGLE_OAUTH2_CLIENT_SECRET") ) func main() { ctx := context.Background() provider, err := oidc.NewProvider(ctx, "https://accounts.google.com") if err != nil { log.Fatal(err) } config := oauth2.Config{ ClientID: clientID, ClientSecret: clientSecret, Endpoint: provider.Endpoint(), RedirectURL: "http://127.0.0.1:5556/auth/google/callback", Scopes: []string{oidc.ScopeOpenID, "profile", "email"}, } state := "foobar" // Don't do this in production. http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { http.Redirect(w, r, config.AuthCodeURL(state), http.StatusFound) }) http.HandleFunc("/auth/google/callback", func(w http.ResponseWriter, r *http.Request) { if r.URL.Query().Get("state") != state { http.Error(w, "state did not match", http.StatusBadRequest) return } oauth2Token, err := config.Exchange(ctx, r.URL.Query().Get("code")) if err != nil { http.Error(w, "Failed to exchange token: "+err.Error(), http.StatusInternalServerError) return } userInfo, err := provider.UserInfo(ctx, oauth2.StaticTokenSource(oauth2Token)) if err != nil { http.Error(w, "Failed to get userinfo: "+err.Error(), http.StatusInternalServerError) return } resp := struct { OAuth2Token *oauth2.Token UserInfo *oidc.UserInfo }{oauth2Token, userInfo} data, err := json.MarshalIndent(resp, "", " ") if err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } w.Write(data) }) log.Printf("listening on http://%s/", "127.0.0.1:5556") log.Fatal(http.ListenAndServe("127.0.0.1:5556", nil)) }