我正在使用golang在squareup.com中添加客户,但它总是显示授权的问题谁能告诉我我的代码有什么问题:-
func Token(c *gin.Context) {
code := c.Query("code")
splitCode := strings.Split(code, "-")
scope := c.DefaultQuery("scope", "CUSTOMERS_WRITE")
customer := models.Customer{
GivenName: "Amelia",
FamilyName: "Earhart",
CompanyName: "fbgusbd",
Nickname: "kdfbkgjkdf",
EmailAddress: "Amelia.Earhart@example.com",
Address: models.Addresss{
AddressLine1: "500 Electric Ave",
AddressLine2: "Suite 600",
Locality: "New York",
AdministrativeDistrictLevel1: "NY",
PostalCode: "10003",
Country: "US",
},
PhoneNumber: "1-212-555-4240",
ReferenceId: "12",
Note: "a customer",
}
fmt.Println(customer)
bindData, err := json.Marshal(customer)
if err != nil {
panic(err)
}
var jsonStr = []byte(string(bindData))
url := config.APIBaseLive + "v2/customers?code=" + splitCode[1] + "&scope=" + scope
req, err := http.NewRequest("POST", url, bytes.NewBuffer(jsonStr))
req.Header.Add("Authorization", "Bearer "+splitCode[1])
req.Header.Add("Accept", "application/json")
fmt.Println("Request", req)
client := &http.Client{}
resp, err := client.Do(req)
// fmt.Println(resp, err)
if err != nil {
panic(err)
}
defer resp.Body.Close()
resp.Header.Add("Authorization", "Bearer "+splitCode[1])
resp.Header.Add("Accept", "application/json")
fmt.Println("response Status:", resp.Status)
fmt.Println("response Headers:", resp.Header)
body, _ := ioutil.ReadAll(resp.Body)
fmt.Println("response Body:", string(body))
}
type Customer struct {
GivenName string `json:"given_name" bson:"given_name"`
FamilyName string `json:"family_name" bson:"family_name"`
CompanyName string `json:"company_name" bson:"company_name"`
Nickname string `json:"nickname" bson:"nickname"`
EmailAddress string `json:"email_address" bson:"email_address"`
Address Addresss `json:"address" bson:"address"`
PhoneNumber string `json:"phone_number" bson:"phone_number"`
ReferenceId string `json:"reference_id" bson:"reference_id"`
Note string `json:"note" bson:"note"`
}
错误:-
{
"errors": [
{
"category": "AUTHENTICATION_ERROR",
"code": "UNAUTHORIZED",
"detail": "This request could not be authorized."
}
]
}
在点击https://connect.squareup.com/oauth2/authorize?client_id=your_client_id
时,它将把您定向到您添加的带有查询密钥代码的URL重定向URL,该查询字符串代码具有密钥验证密钥。您将在仪表板中添加重定向URL,然后使用此代码将您称为身份验证用户。谁能帮我解决这个问题?
谢谢。
答案 0 :(得分:1)
检查Square https://docs.connect.squareup.com/authz/oauth/how-it-works如何实现oauth2
您的GO代码在该图上为BACKEND。
预计会从CLIENT(浏览器,本机或移动应用程序)中调用https://connect.squareup.com/oauth2/authorize,这将导致浏览器中的某些HTTP重定向向用户询问凭据和其他挑战。预期这些凭据将由人类使用浏览器或Web View(浏览器的无边框版本)提供。
从GO发送请求时,您可能会获得重定向响应。即重定向到HTML页面,用户可以在其中输入凭据。
不要尝试在GO中实现CLIENT,因为整个oauth2
流都假定有用户输入,并且应该检测并拒绝后端代码,所以这应该是不可能的。