Google AppScript(GAS)是否支持O-Auth 2.0隐式授予类型 [英] Does Google AppScript (GAS) supports O-Auth 2.0 Implicit Grant-Type
问题描述
我正在尝试使用Google Apps脚本创建一个新的Gmail附件,并尝试访问第三方非Google API.为此,我使用O-Auth 2.0隐式授予类型进行身份验证.
I'm trying to create a new Gmail add-on using Google Apps Script and trying to access third-party, non-Google API. For that I am using O-Auth 2.0 Implicit Grant-Type for authentication.
AuthService
的外观如下:
function getOAuthService() {
return OAuth2.createService('Podio O-Auth')
.setAuthorizationBaseUrl('Base Url')
.setTokenUrl('Token Url')
.setClientId('clientId')
.setClientSecret('clientSecret')
.setParam('redirect_uri', 'https://script.google.com/macros/d/' + scriptID + '/usercallback')
.setScope('GLOBAL')
.setCallbackFunction('authCallback')
.setCache(CacheService.getUserCache())
.setParam('response_type', 'token')
.setParam('response_mode', 'query')
.setParam('state', getStateToken('authCallback')) // function to generate the state token on the fly
.setPropertyStore(PropertiesService.getUserProperties());
}
该脚本正确生成了一个包含我的redirect_uri
的URL
Auth提取请求,生成令牌,然后将我重定向到scripts.google.com域.
The script correctly generates an URL that includes my redirect_uri
Auth picks up the request, generates a token, and redirects me to the scripts.google.com domain.
点击scripts.google.com
后,我将重定向到包含我的自定义域的URL,例如
Once hitting scripts.google.com
, I am redirected to an URL that includes my custom domain, e.g.
https://script.google.com/a/macros/[custom-domain]/d/[script-id]/usercallback#access_token=[token]&expires_in=7200&token_type=Bearer&state=[state]&id_token=[token]
哪个会导致此错误:
因为该URL被#
分割了.如果我将#
替换为?
,则它会按预期工作.
because the url is fragmented by #
. If I replace the #
with ?
, then it works as expected.
谁能告诉我如何解决此问题?如果不是,那么我是否必须为此目的授权代码授予流程?
Can anyone please tell me how can I fix this issue? If not then do I have to Authorization code grant flow for this purpose ?
注意:我已经将setParam('response_type', 'token')
用作隐式授予类型
Note: I have used setParam('response_type', 'token')
for Implicit Grant-Type
推荐答案
该库当前不支持隐式授予. Google AppScript支持服务器端流程.
因此,我设置了response_type = code
,这是工作授权服务,如下所示:
The library currently doesn't support implicit grants. Google AppScript supports server side flow.
So, I set the response_type = code
and this is the working authorization service looks like:
function getOAuthService() {
return OAuth2.createService('Podio O-Auth')
.setAuthorizationBaseUrl('Base Url')
.setTokenUrl('Token Url')
.setClientId('clientId')
.setClientSecret('clientSecret')
.setParam('redirect_uri', 'https://script.google.com/macros/d/' + scriptID + '/usercallback')
.setScope('GLOBAL')
.setCallbackFunction('authCallback')
.setCache(CacheService.getUserCache())
.setParam('response_type', 'code')
.setParam('response_mode', 'query')
.setParam('state', getStateToken('authCallback')) // function to generate the state token on the fly
.setPropertyStore(PropertiesService.getUserProperties());
}
它首先在内部调用autorizatiionBaseUrl并接收授权代码.并使用此授权代码再次向TokenUrl发出发布请求,以获取auth_token,refresh_token和其他详细信息. 谢谢. :)
It internally first calls the autorizatiionBaseUrl and recieves the authorization code. And with this authorization code it agains makes a post request to TokenUrl to get the auth_token, refresh_token and other details. Thanks. :)
这篇关于Google AppScript(GAS)是否支持O-Auth 2.0隐式授予类型的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!