Google OAuth 2 授权 - 为令牌交换代码 [英] Google OAuth 2 authorization - swapping code for token

问题描述

我正在尝试实施 Google OAuth 2 以访问 Google API.我遵循 this 指南，使用服务器端方案.

I'm trying to implement Google OAuth 2 to get access to Google APIs. I follow this guide, using server-side scenario.

获取代码没有问题，服务器重定向到本地主机(这是目前重定向 URI 中唯一允许的服务器).为此，我转到 https://accounts.google.com/o/oauth2/auth?client_id=whatever.apps.googleusercontent.com&redirect_uri=http://localhost/&scope=https://www.google.com/m8/feeds/&response_type=code 页面.

I have no problem with getting the code, server redirects to localhost (which is the only server allowed in redirect URIs for now). To achieve this, I go to https://accounts.google.com/o/oauth2/auth?client_id=whatever.apps.googleusercontent.com&redirect_uri=http://localhost/&scope=https://www.google.com/m8/feeds/&response_type=code page.

然后，我尝试使用 curl(如指南中所述)来测试 Google 的服务器是否使用访问令牌进行响应.然而，它似乎很难失败.我能得到的唯一响应是 {"error":"invalid_client"}.我确定我提供了 Google 希望我提供的所有内容 - 代码、客户端 ID、客户端密码、重定向 URI(本地主机)和 grant_type=authorization_code.

Then, I tried using curl (as in guide) to test, if Google's server responds with access token. However, it seems to fail very hard. Only response I can get is {"error":"invalid_client"}. I'm sure I provide everything Google wants me to provide - code, client ID, client secret, redirect URI (localhost) and grant_type=authorization_code.

整个 curl 命令行是:

curl https://accounts.google.com/o/oauth2/token -d "code=<code>&client_id=whatever.apps.googleusercontent.com&client_secret=<won't tell!>&redirect_uri=http://localhost&grant_type=authorization_code"

我错过了什么吗?如何交换访问令牌的代码?

Am I missing something? How can I exchange code for access token?

推荐答案

您是否 urlencode 您的客户端机密和重定向 url?这对我行得通.

Did you urlencode your client secret and redirect url? That works for me.

应该是 http%3A%2F%2Flocalhost 而不是 https://localhost.

这篇关于Google OAuth 2 授权 - 为令牌交换代码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！