Golang sample for a CLI obtaining an access token using the PKCE flow

Hi! I am in the process of building a CLI in golang that should be able to call my node.js express API, which is secured with Auth0.

This scenario requires a number of steps as outlined here: https://auth0.com/docs/api-auth/tutorials/authorization-code-grant-pkce

Unfortunately, aside from a number of snippets, after a day of pretty extensive googling, I’ve not been able to find a complete sample for creating a code verifier and challenge in golang, getting the user’s authorization by opening a web page and redirecting back to a localhost server, extracting the authorization code, and then exchanging that authorization code for an access token.

Unfortunately the golang oauth2 library suite at https://github.com/golang/oauth2 doesn’t seem to include support for PKCE - just for client credentials. But for a CLI, PKCE seems to be a great option - for example the way the “gcloud” CLI authenticates with GCP.

Does a sample like this exist? If not, I believe this kind of sample would be an amazing help for the community!

While this wasn’t all that hard to build (took a few hours), I created a gist that could save some time for the next person who tries to accomplish something similar :wink:

1 Like

Thanks a lot for sharing it with the rest of community!