如何使用golang在Squareup付款网关中添加客户?

时间:2018-12-10 13:26:41

标签: security go oauth-2.0

我正在使用golang在squareup.com中添加客户,但它总是显示授权的问题谁能告诉我我的代码有什么问题:-

func Token(c *gin.Context) {
 code := c.Query("code")
 splitCode := strings.Split(code, "-")
 scope := c.DefaultQuery("scope", "CUSTOMERS_WRITE")
 customer := models.Customer{
    GivenName:    "Amelia",
    FamilyName:   "Earhart",
    CompanyName:  "fbgusbd",
    Nickname:     "kdfbkgjkdf",
    EmailAddress: "Amelia.Earhart@example.com",
    Address: models.Addresss{
        AddressLine1:                 "500 Electric Ave",
        AddressLine2:                 "Suite 600",
        Locality:                     "New York",
        AdministrativeDistrictLevel1: "NY",
        PostalCode:                   "10003",
        Country:                      "US",
    },
    PhoneNumber: "1-212-555-4240",
    ReferenceId: "12",
    Note:        "a customer",
 }
 fmt.Println(customer)
 bindData, err := json.Marshal(customer)
 if err != nil {
    panic(err)
 }
 var jsonStr = []byte(string(bindData))
 url := config.APIBaseLive + "v2/customers?code=" + splitCode[1] + "&scope=" + scope

 req, err := http.NewRequest("POST", url, bytes.NewBuffer(jsonStr))
 req.Header.Add("Authorization", "Bearer "+splitCode[1])
 req.Header.Add("Accept", "application/json")
 fmt.Println("Request", req)
  client := &http.Client{}
  resp, err := client.Do(req)
 // fmt.Println(resp, err)
 if err != nil {
    panic(err)
 }
 defer resp.Body.Close()
 resp.Header.Add("Authorization", "Bearer "+splitCode[1])
 resp.Header.Add("Accept", "application/json")
 fmt.Println("response Status:", resp.Status)
 fmt.Println("response Headers:", resp.Header)
 body, _ := ioutil.ReadAll(resp.Body)
 fmt.Println("response Body:", string(body))
}

type Customer struct {
  GivenName    string   `json:"given_name" bson:"given_name"`
  FamilyName   string   `json:"family_name" bson:"family_name"`
  CompanyName  string   `json:"company_name" bson:"company_name"`
  Nickname     string   `json:"nickname" bson:"nickname"`
  EmailAddress string   `json:"email_address" bson:"email_address"`
  Address      Addresss `json:"address" bson:"address"`
  PhoneNumber  string   `json:"phone_number" bson:"phone_number"`
  ReferenceId  string   `json:"reference_id" bson:"reference_id"`
  Note         string   `json:"note" bson:"note"`
}

错误:-

 {
  "errors": [
     {
        "category": "AUTHENTICATION_ERROR",
        "code": "UNAUTHORIZED",
        "detail": "This request could not be authorized."
     }
   ]
}

在点击https://connect.squareup.com/oauth2/authorize?client_id=your_client_id时,它将把您定向到您添加的带有查询密钥代码的URL重定向URL,该查询字符串代码具有密钥验证密钥。您将在仪表板中添加重定向URL,然后使用此代码将您称为身份验证用户。谁能帮我解决这个问题?

谢谢。

1 个答案:

答案 0 :(得分:1)

检查Square https://docs.connect.squareup.com/authz/oauth/how-it-works如何实现oauth2

您的GO代码在该图上为BACKEND。

预计会从CLIENT(浏览器,本机或移动应用程序)中调用

https://connect.squareup.com/oauth2/authorize,这将导致浏览器中的某些HTTP重定向向用户询问凭据和其他挑战。预期这些凭据将由人类使用浏览器或Web View(浏览器的无边框版本)提供。

从GO发送请求时,您可能会获得重定向响应。即重定向到HTML页面,用户可以在其中输入凭据。

不要尝试在GO中实现CLIENT,因为整个oauth2流都假定有用户输入,并且应该检测并拒绝后端代码,所以这应该是不可能的。