customTokenExchange performs a custom OAuth2 token exchange with support for resource parameter This is needed because golang.org/x/oauth2 doesn't support custom parameters in token requests
(ctx context.Context, baseURL, clientID, clientSecret, code, redirectURI, resource, codeVerifier string)
| 1296 | // customTokenExchange performs a custom OAuth2 token exchange with support for resource parameter |
| 1297 | // This is needed because golang.org/x/oauth2 doesn't support custom parameters in token requests |
| 1298 | func customTokenExchange(ctx context.Context, baseURL, clientID, clientSecret, code, redirectURI, resource, codeVerifier string) (*oauth2.Token, error) { |
| 1299 | data := url.Values{} |
| 1300 | data.Set("grant_type", "authorization_code") |
| 1301 | data.Set("code", code) |
| 1302 | data.Set("client_id", clientID) |
| 1303 | data.Set("client_secret", clientSecret) |
| 1304 | data.Set("redirect_uri", redirectURI) |
| 1305 | if resource != "" { |
| 1306 | data.Set("resource", resource) |
| 1307 | } |
| 1308 | if codeVerifier != "" { |
| 1309 | data.Set("code_verifier", codeVerifier) |
| 1310 | } |
| 1311 | |
| 1312 | req, err := http.NewRequestWithContext(ctx, "POST", baseURL+"/oauth2/tokens", strings.NewReader(data.Encode())) |
| 1313 | if err != nil { |
| 1314 | return nil, err |
| 1315 | } |
| 1316 | req.Header.Set("Content-Type", "application/x-www-form-urlencoded") |
| 1317 | |
| 1318 | client := &http.Client{} |
| 1319 | resp, err := client.Do(req) |
| 1320 | if err != nil { |
| 1321 | return nil, err |
| 1322 | } |
| 1323 | defer resp.Body.Close() |
| 1324 | |
| 1325 | if resp.StatusCode != http.StatusOK { |
| 1326 | var errorResp struct { |
| 1327 | Error string `json:"error"` |
| 1328 | ErrorDescription string `json:"error_description"` |
| 1329 | } |
| 1330 | _ = json.NewDecoder(resp.Body).Decode(&errorResp) |
| 1331 | return nil, xerrors.Errorf("oauth2: %q %q", errorResp.Error, errorResp.ErrorDescription) |
| 1332 | } |
| 1333 | |
| 1334 | var token oauth2.Token |
| 1335 | if err := json.NewDecoder(resp.Body).Decode(&token); err != nil { |
| 1336 | return nil, err |
| 1337 | } |
| 1338 | |
| 1339 | return &token, nil |
| 1340 | } |
| 1341 | |
| 1342 | // TestOAuth2DynamicClientRegistration tests RFC 7591 dynamic client registration |
| 1343 | func TestOAuth2DynamicClientRegistration(t *testing.T) { |