oauth2/example_test.go

// Copyright 2014 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

package oauth2_test

import (
	"context"
	"fmt"
	"log"
	"net/http"
	"time"

	"golang.org/x/oauth2"
)

func ExampleConfig() {
	ctx := context.Background()
	conf := &oauth2.Config{
		ClientID:     "YOUR_CLIENT_ID",
		ClientSecret: "YOUR_CLIENT_SECRET",
		Scopes:       []string{"SCOPE1", "SCOPE2"},
		Endpoint: oauth2.Endpoint{
			AuthURL:  "https://provider.com/o/oauth2/auth",
			TokenURL: "https://provider.com/o/oauth2/token",
		},
	}

	// use PKCE to protect against CSRF attacks
	// https://www.ietf.org/archive/id/draft-ietf-oauth-security-topics-22.html#name-countermeasures-6
	verifier := oauth2.GenerateVerifier()

	// Redirect user to consent page to ask for permission
	// for the scopes specified above.
	url := conf.AuthCodeURL("state", oauth2.AccessTypeOffline, oauth2.S256ChallengeOption(verifier))
	fmt.Printf("Visit the URL for the auth dialog: %v", url)

	// Use the authorization code that is pushed to the redirect
	// URL. Exchange will do the handshake to retrieve the
	// initial access token. The HTTP Client returned by
	// conf.Client will refresh the token as necessary.
	var code string
	if _, err := fmt.Scan(&code); err != nil {
		log.Fatal(err)
	}
	tok, err := conf.Exchange(ctx, code, oauth2.VerifierOption(verifier))
	if err != nil {
		log.Fatal(err)
	}

	client := conf.Client(ctx, tok)
	client.Get("...")
}

func ExampleConfig_customHTTP() {
	ctx := context.Background()

	conf := &oauth2.Config{
		ClientID:     "YOUR_CLIENT_ID",
		ClientSecret: "YOUR_CLIENT_SECRET",
		Scopes:       []string{"SCOPE1", "SCOPE2"},
		Endpoint: oauth2.Endpoint{
			TokenURL: "https://provider.com/o/oauth2/token",
			AuthURL:  "https://provider.com/o/oauth2/auth",
		},
	}

	// Redirect user to consent page to ask for permission
	// for the scopes specified above.
	url := conf.AuthCodeURL("state", oauth2.AccessTypeOffline)
	fmt.Printf("Visit the URL for the auth dialog: %v", url)

	// Use the authorization code that is pushed to the redirect
	// URL. Exchange will do the handshake to retrieve the
	// initial access token. The HTTP Client returned by
	// conf.Client will refresh the token as necessary.
	var code string
	if _, err := fmt.Scan(&code); err != nil {
		log.Fatal(err)
	}

	// Use the custom HTTP client when requesting a token.
	httpClient := &http.Client{Timeout: 2 * time.Second}
	ctx = context.WithValue(ctx, oauth2.HTTPClient, httpClient)

	tok, err := conf.Exchange(ctx, code)
	if err != nil {
		log.Fatal(err)
	}

	client := conf.Client(ctx, tok)
	_ = client
}
all: change copyright to 'Go Authors' Fixes golang/go#12354 Change-Id: Ie4bbe9445e2a840c9db830c9bd52a783b7a6f9bc Reviewed-on: https://go-review.googlesource.com/13952 Reviewed-by: Russ Cox <rsc@golang.org> 2015-08-27 03:42:02 +03:00			`// Copyright 2014 The Go Authors. All rights reserved.`
Introduce an option function type - Reduce the duplicate code by merging the flows and determining the flow type by looking at the provided options. - Options as a function type allows us to validate an individual an option in its scope and makes it easier to compose the built-in options with the third-party ones. 2014-11-07 03:36:41 +03:00			`// Use of this source code is governed by a BSD-style`
			`// license that can be found in the LICENSE file.`

Fix examples. 2014-06-25 01:28:46 +04:00			`package oauth2_test`
Add examples for regular and JWT configs and transport init. 2014-06-24 23:44:20 +04:00
			`import (`
all: deprecate NoContext There is no good reason why we suggest NoContext rather than context.Background(). When the oauth2 library first came around, the community was not familiar with the x/net/context package. For documentation reasons, we decided to add NoContext to the oauth2 package. It was not a good idea even back then. And given that context package is fairly popular, there is no good reason why we are depending on this. Updating all the references of NoContext with context.Background and documenting it as deprecated. Change-Id: I18e390f1351023a29b567777a3f963dd550cf657 Reviewed-on: https://go-review.googlesource.com/27690 Reviewed-by: Chris Broadfoot <cbro@golang.org> 2016-08-25 01:40:36 +03:00			`"context"`
Add examples for regular and JWT configs and transport init. 2014-06-24 23:44:20 +04:00			`"fmt"`
			`"log"`
oauth2: add example how to use a custom HTTP client Change-Id: Iffff423c167610c80e8dd1c51945c32b781e8653 Reviewed-on: https://go-review.googlesource.com/37695 Reviewed-by: Chris Broadfoot <cbro@golang.org> 2017-03-02 23:04:53 +03:00			`"net/http"`
			`"time"`
Fix examples. 2014-06-25 01:28:46 +04:00
oauth2: add vanity URL import comments, use the vanity URL on builds Change-Id: Ia20e40d98aa709e3d598388e0a15501584152ab5 2014-11-26 22:44:45 +03:00			`"golang.org/x/oauth2"`
Add examples for regular and JWT configs and transport init. 2014-06-24 23:44:20 +04:00			`)`

oauth2: rewrite google package, fix the broken build Change-Id: I2753a88d7be483bdbc0cac09a1beccc4806ea4bc Reviewed-on: https://go-review.googlesource.com/1361 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Reviewed-by: Andrew Gerrand <adg@golang.org> 2014-12-11 10:30:13 +03:00			`func ExampleConfig() {`
all: deprecate NoContext There is no good reason why we suggest NoContext rather than context.Background(). When the oauth2 library first came around, the community was not familiar with the x/net/context package. For documentation reasons, we decided to add NoContext to the oauth2 package. It was not a good idea even back then. And given that context package is fairly popular, there is no good reason why we are depending on this. Updating all the references of NoContext with context.Background and documenting it as deprecated. Change-Id: I18e390f1351023a29b567777a3f963dd550cf657 Reviewed-on: https://go-review.googlesource.com/27690 Reviewed-by: Chris Broadfoot <cbro@golang.org> 2016-08-25 01:40:36 +03:00			`ctx := context.Background()`
oauth2: rewrite google package, fix the broken build Change-Id: I2753a88d7be483bdbc0cac09a1beccc4806ea4bc Reviewed-on: https://go-review.googlesource.com/1361 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Reviewed-by: Andrew Gerrand <adg@golang.org> 2014-12-11 10:30:13 +03:00			`conf := &oauth2.Config{`
			`ClientID: "YOUR_CLIENT_ID",`
			`ClientSecret: "YOUR_CLIENT_SECRET",`
			`Scopes: []string{"SCOPE1", "SCOPE2"},`
			`Endpoint: oauth2.Endpoint{`
			`AuthURL: "https://provider.com/o/oauth2/auth",`
			`TokenURL: "https://provider.com/o/oauth2/token",`
			`},`
Add examples for regular and JWT configs and transport init. 2014-06-24 23:44:20 +04:00			`}`

oauth2: support PKCE Fixes #603 Fixes golang/go#59835 Change-Id: Ica0cfef975ba9511e00f097498d33ba27dafca0d GitHub-Last-Rev: f01f7593a321712d3f078b2dbb8d913cfbbc0c46 GitHub-Pull-Request: golang/oauth2#625 Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/463979 Reviewed-by: Cherry Mui <cherryyz@google.com> Run-TryBot: Matt Hickford <matt.hickford@gmail.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> 2023-09-07 20:23:22 +03:00			`// use PKCE to protect against CSRF attacks`
			`// https://www.ietf.org/archive/id/draft-ietf-oauth-security-topics-22.html#name-countermeasures-6`
			`verifier := oauth2.GenerateVerifier()`

Add examples for regular and JWT configs and transport init. 2014-06-24 23:44:20 +04:00			`// Redirect user to consent page to ask for permission`
			`// for the scopes specified above.`
oauth2: support PKCE Fixes #603 Fixes golang/go#59835 Change-Id: Ica0cfef975ba9511e00f097498d33ba27dafca0d GitHub-Last-Rev: f01f7593a321712d3f078b2dbb8d913cfbbc0c46 GitHub-Pull-Request: golang/oauth2#625 Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/463979 Reviewed-by: Cherry Mui <cherryyz@google.com> Run-TryBot: Matt Hickford <matt.hickford@gmail.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> 2023-09-07 20:23:22 +03:00			`url := conf.AuthCodeURL("state", oauth2.AccessTypeOffline, oauth2.S256ChallengeOption(verifier))`
Add examples for regular and JWT configs and transport init. 2014-06-24 23:44:20 +04:00			`fmt.Printf("Visit the URL for the auth dialog: %v", url)`

oauth2: fix stale docs NewTransportWithCode no longer exists. Change-Id: Iccb1abc5700ecc97d6bd73313c88676e19f2c396 Reviewed-on: https://go-review.googlesource.com/25118 Reviewed-by: Mike Wiacek <mjwiacek@google.com> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 2016-07-21 20:18:24 +03:00			`// Use the authorization code that is pushed to the redirect`
			`// URL. Exchange will do the handshake to retrieve the`
			`// initial access token. The HTTP Client returned by`
			`// conf.Client will refresh the token as necessary.`
Introduce an option function type - Reduce the duplicate code by merging the flows and determining the flow type by looking at the provided options. - Options as a function type allows us to validate an individual an option in its scope and makes it easier to compose the built-in options with the third-party ones. 2014-11-07 03:36:41 +03:00			`var code string`
oauth2: rewrite google package, fix the broken build Change-Id: I2753a88d7be483bdbc0cac09a1beccc4806ea4bc Reviewed-on: https://go-review.googlesource.com/1361 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Reviewed-by: Andrew Gerrand <adg@golang.org> 2014-12-11 10:30:13 +03:00			`if _, err := fmt.Scan(&code); err != nil {`
Handle scan error. 2014-06-25 00:26:45 +04:00			`log.Fatal(err)`
			`}`
oauth2: support PKCE Fixes #603 Fixes golang/go#59835 Change-Id: Ica0cfef975ba9511e00f097498d33ba27dafca0d GitHub-Last-Rev: f01f7593a321712d3f078b2dbb8d913cfbbc0c46 GitHub-Pull-Request: golang/oauth2#625 Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/463979 Reviewed-by: Cherry Mui <cherryyz@google.com> Run-TryBot: Matt Hickford <matt.hickford@gmail.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> 2023-09-07 20:23:22 +03:00			`tok, err := conf.Exchange(ctx, code, oauth2.VerifierOption(verifier))`
Add examples for regular and JWT configs and transport init. 2014-06-24 23:44:20 +04:00			`if err != nil {`
			`log.Fatal(err)`
			`}`

all: deprecate NoContext There is no good reason why we suggest NoContext rather than context.Background(). When the oauth2 library first came around, the community was not familiar with the x/net/context package. For documentation reasons, we decided to add NoContext to the oauth2 package. It was not a good idea even back then. And given that context package is fairly popular, there is no good reason why we are depending on this. Updating all the references of NoContext with context.Background and documenting it as deprecated. Change-Id: I18e390f1351023a29b567777a3f963dd550cf657 Reviewed-on: https://go-review.googlesource.com/27690 Reviewed-by: Chris Broadfoot <cbro@golang.org> 2016-08-25 01:40:36 +03:00			`client := conf.Client(ctx, tok)`
Some cleanup, adding Google web flow example. 2014-06-25 00:10:10 +04:00			`client.Get("...")`
Add examples for regular and JWT configs and transport init. 2014-06-24 23:44:20 +04:00			`}`
oauth2: add example how to use a custom HTTP client Change-Id: Iffff423c167610c80e8dd1c51945c32b781e8653 Reviewed-on: https://go-review.googlesource.com/37695 Reviewed-by: Chris Broadfoot <cbro@golang.org> 2017-03-02 23:04:53 +03:00
oauth2: improve the custom HTTP client example Fix the broken build and make it consistent with the first example. Change-Id: I7c240b826397e6ec04294a2c9de89762d68643de Reviewed-on: https://go-review.googlesource.com/61050 Run-TryBot: JBD <jbd@google.com> Reviewed-by: Emmanuel Odeke <emm.odeke@gmail.com> 2017-09-01 20:40:05 +03:00			`func ExampleConfig_customHTTP() {`
			`ctx := context.Background()`
oauth2: add example how to use a custom HTTP client Change-Id: Iffff423c167610c80e8dd1c51945c32b781e8653 Reviewed-on: https://go-review.googlesource.com/37695 Reviewed-by: Chris Broadfoot <cbro@golang.org> 2017-03-02 23:04:53 +03:00
			`conf := &oauth2.Config{`
			`ClientID: "YOUR_CLIENT_ID",`
			`ClientSecret: "YOUR_CLIENT_SECRET",`
			`Scopes: []string{"SCOPE1", "SCOPE2"},`
			`Endpoint: oauth2.Endpoint{`
			`TokenURL: "https://provider.com/o/oauth2/token",`
oauth2: add examples for basic/custom HTTP client - provides a bare and custom context example demonstrating that http client attributes are not always passed along. - adds clarifying note to the oauth2.go NewClient godoc. - trim down example_test Change-Id: Iad6697eed83429c36b9ba0efc43293f4910938fb Reviewed-on: https://go-review.googlesource.com/36553 Run-TryBot: Ian Lance Taylor <iant@golang.org> Reviewed-by: JBD <jbd@google.com> 2017-02-08 04:56:20 +03:00			`AuthURL: "https://provider.com/o/oauth2/auth",`
oauth2: add example how to use a custom HTTP client Change-Id: Iffff423c167610c80e8dd1c51945c32b781e8653 Reviewed-on: https://go-review.googlesource.com/37695 Reviewed-by: Chris Broadfoot <cbro@golang.org> 2017-03-02 23:04:53 +03:00			`},`
			`}`

oauth2: improve the custom HTTP client example Fix the broken build and make it consistent with the first example. Change-Id: I7c240b826397e6ec04294a2c9de89762d68643de Reviewed-on: https://go-review.googlesource.com/61050 Run-TryBot: JBD <jbd@google.com> Reviewed-by: Emmanuel Odeke <emm.odeke@gmail.com> 2017-09-01 20:40:05 +03:00			`// Redirect user to consent page to ask for permission`
			`// for the scopes specified above.`
			`url := conf.AuthCodeURL("state", oauth2.AccessTypeOffline)`
			`fmt.Printf("Visit the URL for the auth dialog: %v", url)`

			`// Use the authorization code that is pushed to the redirect`
			`// URL. Exchange will do the handshake to retrieve the`
			`// initial access token. The HTTP Client returned by`
			`// conf.Client will refresh the token as necessary.`
			`var code string`
			`if _, err := fmt.Scan(&code); err != nil {`
oauth2: add examples for basic/custom HTTP client - provides a bare and custom context example demonstrating that http client attributes are not always passed along. - adds clarifying note to the oauth2.go NewClient godoc. - trim down example_test Change-Id: Iad6697eed83429c36b9ba0efc43293f4910938fb Reviewed-on: https://go-review.googlesource.com/36553 Run-TryBot: Ian Lance Taylor <iant@golang.org> Reviewed-by: JBD <jbd@google.com> 2017-02-08 04:56:20 +03:00			`log.Fatal(err)`
			`}`

oauth2: improve the custom HTTP client example Fix the broken build and make it consistent with the first example. Change-Id: I7c240b826397e6ec04294a2c9de89762d68643de Reviewed-on: https://go-review.googlesource.com/61050 Run-TryBot: JBD <jbd@google.com> Reviewed-by: Emmanuel Odeke <emm.odeke@gmail.com> 2017-09-01 20:40:05 +03:00			`// Use the custom HTTP client when requesting a token.`
			`httpClient := &http.Client{Timeout: 2 * time.Second}`
			`ctx = context.WithValue(ctx, oauth2.HTTPClient, httpClient)`
oauth2: add examples for basic/custom HTTP client - provides a bare and custom context example demonstrating that http client attributes are not always passed along. - adds clarifying note to the oauth2.go NewClient godoc. - trim down example_test Change-Id: Iad6697eed83429c36b9ba0efc43293f4910938fb Reviewed-on: https://go-review.googlesource.com/36553 Run-TryBot: Ian Lance Taylor <iant@golang.org> Reviewed-by: JBD <jbd@google.com> 2017-02-08 04:56:20 +03:00
oauth2: improve the custom HTTP client example Fix the broken build and make it consistent with the first example. Change-Id: I7c240b826397e6ec04294a2c9de89762d68643de Reviewed-on: https://go-review.googlesource.com/61050 Run-TryBot: JBD <jbd@google.com> Reviewed-by: Emmanuel Odeke <emm.odeke@gmail.com> 2017-09-01 20:40:05 +03:00			`tok, err := conf.Exchange(ctx, code)`
oauth2: add example how to use a custom HTTP client Change-Id: Iffff423c167610c80e8dd1c51945c32b781e8653 Reviewed-on: https://go-review.googlesource.com/37695 Reviewed-by: Chris Broadfoot <cbro@golang.org> 2017-03-02 23:04:53 +03:00			`if err != nil {`
			`log.Fatal(err)`
			`}`
oauth2: add examples for basic/custom HTTP client - provides a bare and custom context example demonstrating that http client attributes are not always passed along. - adds clarifying note to the oauth2.go NewClient godoc. - trim down example_test Change-Id: Iad6697eed83429c36b9ba0efc43293f4910938fb Reviewed-on: https://go-review.googlesource.com/36553 Run-TryBot: Ian Lance Taylor <iant@golang.org> Reviewed-by: JBD <jbd@google.com> 2017-02-08 04:56:20 +03:00
oauth2: improve the custom HTTP client example Fix the broken build and make it consistent with the first example. Change-Id: I7c240b826397e6ec04294a2c9de89762d68643de Reviewed-on: https://go-review.googlesource.com/61050 Run-TryBot: JBD <jbd@google.com> Reviewed-by: Emmanuel Odeke <emm.odeke@gmail.com> 2017-09-01 20:40:05 +03:00			`client := conf.Client(ctx, tok)`
			`_ = client`
oauth2: add example how to use a custom HTTP client Change-Id: Iffff423c167610c80e8dd1c51945c32b781e8653 Reviewed-on: https://go-review.googlesource.com/37695 Reviewed-by: Chris Broadfoot <cbro@golang.org> 2017-03-02 23:04:53 +03:00			`}`