Google OAUTH:请求中的重定向URI与注册的重定向URI不匹配 [英] Google OAUTH: The redirect URI in the request did not match a registered redirect URI
问题描述
我正在尝试从基于Java的网络应用程序上传到YouTube,花了几天的时间来了解问题所在和原因,但我无法解决,因为现在我将头发拔掉了.
I am trying to make an upload to YouTube from my Java based web app, I spent a few days to understand what and where is the problem and I cannot get it, for now I am pulling my hair out off my head.
我在Google控制台中注册了Web应用程序,因此我获得了一对Client ID和Secret,并且可以使用我的配置下载JSON类型文件.
I registered my web app in Google Console, so I got a pair of Client ID and Secret and a possibility to download JSON type file with my config.
这是配置:
{
"web":{
"auth_uri":"https://accounts.google.com/o/oauth2/auth",
"client_secret":"***",
"token_uri":"https://accounts.google.com/o/oauth2/token",
"client_email":"***",
"redirect_uris":["http://localhost:8080/WEBAPP/youtube-callback.html","http://www.WEBAPP.md/youtube-callback.html"],
"client_x509_cert_url":"***",
"client_id":"***",
"auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs",
"javascript_origins":["http://www.WEBAPP.md/"]
}
}
我怎么可能从Google获取默认网址?
How is possible that I am getting the default URL from Google?
The redirect URI in the request: http://localhost:8080/Callback did not match a registered redirect URI
它始终为我提供默认的http://localhost:8080/Callback URL,而不是我的URL.
It always gives me the default http://localhost:8080/Callback URL instead of mine.
IDE控制台向我显示了
And IDE console shows me that:
Please open the following address in your browser:
https://accounts.google.com/o/oauth2/auth?client_id=***&redirect_uri=http://localhost:8080/Callback&response_type=code&scope=https://www.googleapis.com/auth/youtube.upload
Attempting to open that address in the default browser now...
Please open the following address in your browser:
https://accounts.google.com/o/oauth2/auth?client_id=***&redirect_uri=http://localhost:8080/Callback&response_type=code&scope=https://www.googleapis.com/auth/youtube.upload
Attempting to open that address in the default browser now...
我正在使用最新版本的依赖项: google-api-services-youtube v3-rev99-1.17.0-rc 和 google-api-services-youtubeAnalytics v1-rev35-1.17.0-rc
I am using the last version of dependencies: google-api-services-youtube v3-rev99-1.17.0-rc and google-api-services-youtubeAnalytics v1-rev35-1.17.0-rc
推荐答案
当您的浏览器将用户重定向到Google的oAuth页面时,您是否要通过令牌响应将希望Google服务器返回的重定向URI作为参数传递?在控制台中设置重定向URI并不是告诉Google尝试登录时该去哪里的方法,而是一种告诉Google允许的重定向URI是什么的方法(因此,如果其他人通过您的客户端编写了Web应用, ID,但不允许使用其他重定向URI);您的Web应用程序应在有人单击登录"按钮时将浏览器发送至:
When your browser redirects the user to Google's oAuth page, are you passing as a parameter the redirect URI you want Google's server to return to with the token response? Setting a redirect URI in the console is not a way of telling Google where to go when a login attempt comes in, but rather it's a way of telling Google what the allowed redirect URIs are (so if someone else writes a web app with your client ID but a different redirect URI it will be disallowed); your web app should, when someone clicks the "login" button, send the browser to:
https://accounts.google.com/o/oauth2/auth?client_id=XXXXX&redirect_uri=http://localhost:8080/WEBAPP/youtube-callback.html&response_type=code&scope=https://www.googleapis.com/auth/youtube.upload
(作为参数传递的回调URI必须经过url编码,顺便说一句).
(the callback URI passed as a parameter must be url-encoded, btw).
当Google的服务器获得用户的授权时,它将把浏览器重定向到您以redirect_uri身份发送的任何内容.它将在请求中包含令牌作为参数,因此您的回调页面可以随后验证令牌,获取访问令牌并转到应用程序的其他部分.
When Google's server gets authorization from the user, then, it'll redirect the browser to whatever you sent in as the redirect_uri. It'll include in that request the token as a parameter, so your callback page can then validate the token, get an access token, and move on to the other parts of your app.
如果您访问:
http://code.google.com/p/google-api-java-client/wiki/OAuth2#Authorization_Code_Flow
您可以在那里看到更好的Java客户端示例,这表明您必须重写getRedirectUri方法以指定回调路径,因此不使用默认值.
You can see better samples of the java client there, demonstrating that you have to override the getRedirectUri method to specify your callback path so the default isn't used.
出于多种原因,重定向URI位于client_secrets.json文件中……一个重要原因是,oAuth流可以验证您的应用指定的重定向是否与您的应用所允许的匹配.
The redirect URIs are in the client_secrets.json file for multiple reasons ... one big one is so that the oAuth flow can verify that the redirect your app specifies matches what your app allows.
如果您访问 https://developers.google.com/api-client-library/java/apis/youtube/v3 您可以为自己生成一个示例应用程序,该应用程序直接基于控制台中的应用程序,在该应用程序中(再次)getRedirectUri方法被覆盖以使用您的特定回调.
If you visit https://developers.google.com/api-client-library/java/apis/youtube/v3 You can generate a sample application for yourself that's based directly off your app in the console, in which (again) the getRedirectUri method is overwritten to use your specific callbacks.
这篇关于Google OAUTH:请求中的重定向URI与注册的重定向URI不匹配的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
