Google OAuth 2授权-交换代码以获得令牌 [英] Google OAuth 2 authorization - swapping code for token

问题描述

我正在尝试实施Google OAuth 2以获取对Google API的访问权限.我使用服务器端方案遵循本指南.

I'm trying to implement Google OAuth 2 to get access to Google APIs. I follow this guide, using server-side scenario.

我获取代码没有问题，服务器重定向到localhost(这是目前重定向URI中允许的唯一服务器). 为此，请转到https://accounts.google.com/o/oauth2/auth?client_id=whatever.apps.googleusercontent.com&redirect_uri=http://localhost/&scope=https://www.google.com/m8/feeds/&response_type=code页面.

I have no problem with getting the code, server redirects to localhost (which is the only server allowed in redirect URIs for now). To achieve this, I go to https://accounts.google.com/o/oauth2/auth?client_id=whatever.apps.googleusercontent.com&redirect_uri=http://localhost/&scope=https://www.google.com/m8/feeds/&response_type=code page.

然后，我尝试使用curl(如指南所示)进行测试，以检查Google的服务器是否使用访问令牌进行响应.但是，它似乎很难失败.我只能得到的响应是{"error":"invalid_client"}.我确定我已经提供了Google希望我提供的所有内容-代码，客户端ID，客户端密码，重定向URI(本地主机)和grant_type=authorization_code.

Then, I tried using curl (as in guide) to test, if Google's server responds with access token. However, it seems to fail very hard. Only response I can get is {"error":"invalid_client"}. I'm sure I provide everything Google wants me to provide - code, client ID, client secret, redirect URI (localhost) and grant_type=authorization_code.

整个curl命令行为:

curl https://accounts.google.com/o/oauth2/token -d "code=<code>&client_id=whatever.apps.googleusercontent.com&client_secret=<won't tell!>&redirect_uri=http://localhost&grant_type=authorization_code"

我错过了什么吗?如何交换访问令牌的代码?

Am I missing something? How can I exchange code for access token?

推荐答案

您是urlencode您的客户端机密并重定向了URL吗?这对我行得通.

Did you urlencode your client secret and redirect url? That works for me.

应该是http%3A%2F%2Flocalhost而不是https://localhost.

这篇关于Google OAuth 2授权-交换代码以获得令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！