如何在Go中使用JWT授权服务帐户?
答案 0 :(得分:7)
使用https://code.google.com/p/goauth2/
go get code.google.com/p/goauth2/oauth
从Google API控制台获取您的服务电子邮件和您的p12私钥。目前它无法读取p12文件,因此使用openssl将它们剥离为rsa键
openssl pkcs12 -in file.p12 -nocerts -out key.pem -nodes然后删除额外的文字
然后:
package main
import (
"code.google.com/p/goauth2/oauth/jwt"
"flag"
"fmt"
"http"
"io/ioutil"
)
var (
serviceEmail = flag.String("service_email", "", "OAuth service email.")
keyPath = flag.String("key_path", "key.pem", "Path to unencrypted RSA private key file.")
scope = flag.String("scope", "", "Space separated scopes.")
)
func fetchToken() (string, error) {
// Read the pem file bytes for the private key.
keyBytes, err := ioutil.ReadFile(*keyPath)
if err != nil {
return "", err
}
t := jwt.NewToken(*serviceEmail, *scope, keyBytes)
c := &http.Client{}
// Get the access token.
o, err := t.Assert(c)
if err != nil {
return "", err
}
return o.AccessToken, nil
}
func main() {
flag.Parse()
token, err := fetchToken()
if err != nil {
fmt.Printf("ERROR: %v\n", err)
} else {
fmt.Printf("SUCCESS: %v\n", token)
}