Google OAUTH: The redirect URI in the request did not match a registered redirect URI
Problem description
I am trying to make an upload to YouTube from my Java-based web app. I spent a few days trying to understand what and where the problem is and I cannot get it; for now I am pulling my hair out.
I registered my web app in Google Console, so I got a pair of Client ID and Secret and the possibility to download a JSON-type file with my config.
This is the config:
{
"web":{
"auth_uri":"https://accounts.google.com/o/oauth2/auth",
"client_secret":"***",
"token_uri":"https://accounts.google.com/o/oauth2/token",
"client_email":"***",
"redirect_uris":["http://localhost:8080/WEBAPP/youtube-callback.html","http://www.WEBAPP.md/youtube-callback.html"],
"client_x509_cert_url":"***",
"client_id":"***",
"auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs",
"javascript_origins":["http://www.WEBAPP.md/"]
}
}
How is it possible that I am getting the default URL from Google?
The redirect URI in the request: http://localhost:8080/Callback did not match a registered redirect URI
It always gives me the default http://localhost:8080/Callback URL instead of mine.
And the IDE console shows me that:
Please open the following address in your browser:
https://accounts.google.com/o/oauth2/auth?client_id=***&redirect_uri=http://localhost:8080/Callback&response_type=code&scope=https://www.googleapis.com/auth/youtube.upload
Attempting to open that address in the default browser now...
I am using the latest version of the dependencies: google-api-services-youtube v3-rev99-1.17.0-rc and google-api-services-youtubeAnalytics v1-rev35-1.17.0-rc
Recommended answer
When your browser redirects the user to Google's oAuth page, are you passing as a parameter the redirect URI you want Google's server to return to with the token response? Setting a redirect URI in the console is not a way of telling Google where to go when a login attempt comes in, but rather it's a way of telling Google what the allowed redirect URIs are (so if someone else writes a web app with your client ID but a different redirect URI it will be disallowed); your web app should, when someone clicks the "login" button, send the browser to:
https://accounts.google.com/o/oauth2/auth?client_id=XXXXX&redirect_uri=http://localhost:8080/WEBAPP/youtube-callback.html&response_type=code&scope=https://www.googleapis.com/auth/youtube.upload
(the callback URI passed as a parameter must be url-encoded, btw).
When Google's server gets authorization from the user, then, it'll redirect the browser to whatever you sent in as the redirect_uri. It'll include in that request the token as a parameter, so your callback page can then validate the token, get an access token, and move on to the other parts of your app.
If you visit:
http://code.google.com/p/google-api-java-client/wiki/OAuth2#Authorization_Code_Flow
You can see better samples of the Java client there, demonstrating that you have to override the getRedirectUri method to specify your callback path so the default isn't used.
The redirect URIs are in the client_secrets.json file for multiple reasons ... one big one is so that the oAuth flow can verify that the redirect your app specifies matches what your app allows.
If you visit https://developers.google.com/api-client-library/java/apis/youtube/v3 you can generate a sample application for yourself that's based directly off your app in the console, in which (again) the getRedirectUri method is overwritten to use your specific callbacks.
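Added example, not part of the original question or answer and not Google's client code: a Python pre-flight check that reads the redirect_uris allowlist from a client_secrets-style document, builds the authorization URL with a URL-encoded redirect_uri, and reports whether the redirect_uri inside an already generated URL is registered. The function names, the CLIENT_ID_PLACEHOLDER value and the embedded JSON are assumptions constructed to mirror the question's config.

```python
import json
from urllib.parse import urlencode, urlsplit, parse_qs

# Constructed sample mirroring the question's client_secrets.json (placeholder client id).
CLIENT_SECRETS = json.loads("""
{"web": {
  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  "client_id": "CLIENT_ID_PLACEHOLDER",
  "redirect_uris": ["http://localhost:8080/WEBAPP/youtube-callback.html",
                    "http://www.WEBAPP.md/youtube-callback.html"]
}}
""")
SCOPE = "https://www.googleapis.com/auth/youtube.upload"


def build_auth_url(secrets, redirect_uri, scope=SCOPE):
    """Build the authorization URL, refusing a redirect_uri that is not registered."""
    web = secrets["web"]
    # Exact string comparison: no prefix, case or trailing-slash tolerance.
    if redirect_uri not in web["redirect_uris"]:
        raise ValueError(f"redirect_uri not registered: {redirect_uri}")
    params = {
        "client_id": web["client_id"],
        "redirect_uri": redirect_uri,  # urlencode() percent-encodes this value
        "response_type": "code",
        "scope": scope,
    }
    return web["auth_uri"] + "?" + urlencode(params)


def check_auth_url(secrets, auth_url):
    """Return (redirect_uri, is_registered) for an authorization URL a client generated."""
    query = parse_qs(urlsplit(auth_url).query)
    redirect_uri = query.get("redirect_uri", [None])[0]
    return redirect_uri, redirect_uri in secrets["web"]["redirect_uris"]


if __name__ == "__main__":
    print(build_auth_url(CLIENT_SECRETS, CLIENT_SECRETS["web"]["redirect_uris"][0]))
    # Same shape as the URL in the question's IDE console (library default callback).
    console_url = ("https://accounts.google.com/o/oauth2/auth?client_id=CLIENT_ID_PLACEHOLDER"
                   "&redirect_uri=http://localhost:8080/Callback&response_type=code"
                   "&scope=" + SCOPE)
    print(check_auth_url(CLIENT_SECRETS, console_url))
```

Running the same check against the URL your application prints before opening the browser shows which callback it is actually sending.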