Google oauth2和400错误的请求:Google方面的错误? [英] Google oauth2 and 400 bad request: Bug on Google side?

查看:164
本文介绍了Google oauth2和400错误的请求:Google方面的错误?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我们的网站上的Google oauth2运行正常.但是,Chrome用户经常抱怨约400错误的请求,因此我们现在可以重现该请求.根据调查,它确实看起来像是Google方面的错误:

We have Google oauth2 working fine on our website. However, often Chrome users complaint about 400 Bad request and we were able to reproduce it now. Based on the investigation, it indeed looks like a bug on Google side:

  1. 这仅适用于之前通过身份验证并使用GMail上的多个帐户登录的用户
  2. 当同一用户使用隐身窗口时,不会发生这种情况.
  3. 这个问题很普遍,不仅存在于我们的网站上.目前,我无法在包括StackOverflow在内的任何网站上使用google oauth2登录. Stackoverflow网站也给出相同的400 Bad请求错误,我必须使用隐身模式.
  4. 没有其他信息以及400错误的请求错误
  5. 为了进一步确认,我刚刚加载了 https://accounts.google.com/o/oauth2 /auth (不带任何参数),它还给出了400错误的请求.但是,如果我以隐身方式加载它,则会出现错误:invalid_request.因此确实存在不同的行为.
  6. 因此我们怀疑问题可能在于随请求一起发送的cookie,因为隐身窗口没有cookie.因此,我们清除了域account.google.com的所有cookie,并神奇地解决了问题.这确认了Google的代码端无法处理自己的Cookie.
  1. It only happens with users who were authenticated earlier and logged-in with multiple accounts on GMail
  2. It doesn't happen when the same user uses incognito window.
  3. This problem is universal and not only with our website. At this moment, I am not able to login using google oauth2 on any website including StackOverflow. Stackoverflow site also gives the same 400 Bad request error and I have to use incognito.
  4. No additional information is present along with 400 Bad Request Error
  5. To further confirm, I just loaded https://accounts.google.com/o/oauth2/auth without any parameters and it also gave 400 Bad request. However, if I load it in incognito, it gives Error: invalid_request. So there is indeed different behavior.
  6. So We suspected that the problem might be with cookies sent along with request since incognito window has no cookies. So we cleared all the cookies for domain accounts.google.com and problem magically solved. This confirms that Google side of code is not able to handle their own cookies.

我们真的需要解决这个问题.请帮忙.如果需要任何信息,请告诉我.

We really need to solve this. Please help. Do let me know if you need any information.

推荐答案

这可能仅是由于具有多个Google帐户登录的客户(如此处

This might be caused only for the clients that have multiple google accounts logged in as described here Google OAuth2 returns Bad Request when logged with multiple accounts.

我不清楚是Google错误还是API的误用.无论如何,stackoverflow也会受到影响.

It is not clear to me if is a google bug or a miss-use of the api. Anyway stackoverflow is affected as well.

这篇关于Google oauth2和400错误的请求:Google方面的错误?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆