Golang sdk and oauth2 (authorization code)

Questions OAuth/OIDC
1

Hello, everyone.

I’m trying to create a golang cli to interact with the API. I managed to do this authenticating with an API Token provided by the user, stored in a file or in an envvar.

Now I am trying to add oauth2 access, the goal is:

  • when the user runs the script it opens a browser with the okta login and creates an http server behind the scenes to catch the redirect.
  • the user logs in
  • the server catches the data and extracts the id and access tokens and the JSESSIONID
  • the server is shutdown
  • and the script uses the data to call the sdk

So far I am getting the credentials, but I can’t figure out how to create the new sdk client with them (I mean, create the client with an API token is easy, but how can I pass to it the id and access tokens and the JSESSIONID?)

Using these:

      "github.com/okta/okta-sdk-golang/v2/okta"
      "github.com/okta/okta-sdk-golang/v2/okta/query"
      "github.com/okta/okta-jwt-verifier-golang"

Any suggestions?

Thanks

2

The Golang management SDK is not designed to take in an access token directly to authorize requests against Okta endpoints, but you can configure it to use a Service app configured with private_key_jwt and it will request tokens for you. Details here

3

Thanks, Andrea.

I understand. My goal is to distribute the script, but only let authorized users use it. So, if the script is copied by someone else, she/he won’t have authorization.

Afaik, the private_key_jwt way will request the tokens using this key and with no intervention from the user side, am I right?

I mean, if I use what I have now, but hitting directly the API instead of using the sdk, I believe I can use the data I fetched. Maybe the solution would be to get rid of the sdk and use the raw api call?