Google OAuth2 PlayGround返回“未经授权的客户端" [英] Google OAuth2 PlayGround returns "Unauthorized Client"

问题描述

    clientId = xxxxxx
    clientSecret = xxxxxxxx
    applicationHost = xxxxxxxxx

我的授权码请求:

   OAuthClientRequest oAuthClientRequest = OAuthClientRequest
                .authorizationProvider(OAuthProviderType.GOOGLE)
                .setResponseType("code")
                .setClientId(clientId)
                .setParameter("access_type", "online")
                .setRedirectURI(applicationHost + "auth/google/callback")
                .setScope("https://www.googleapis.com/auth/plus.login")
                .buildQueryMessage();

        response.sendRedirect(oAuthClientRequest.getLocationUri());

与此相关的是我获得的授权码.但是每当我使用此代码发送对access_token的请求时，都会收到错误消息. (代码400)

I am getting an authorization code with this. but whenever I send a request for the access_token using this code I am getting an error. (Code 400)

我的access_token请求:

My access_token request:

    OAuthClientRequest oAuthClientRequest = OAuthClientRequest
            .tokenProvider(OAuthProviderType.GOOGLE)
            .setGrantType(GrantType.AUTHORIZATION_CODE)
            .setClientId(clientId)
            .setClientSecret(clientSecret)
            .setParameter("access_type", "online")
            .setRedirectURI(applicationHost + "auth/google/callback")
            .setCode(code)
            .buildQueryMessage();

    GitHubTokenResponse oAuthResponse = oAuthClient.accessToken(
            oAuthClientRequest, GitHubTokenResponse.class);
    return oAuthResponse.getAccessToken();

OAuth2游乐场响应:

OAuth2 Playground response:

    HTTP/1.1 400 Bad Request
    Alternate-protocol: 443:quic
    Content-length: 37
    X-xss-protection: 1; mode=block
    X-content-type-options: nosniff
    X-google-cache-control: remote-fetch
    -content-encoding: gzip
    Server: GSE
    Via: HTTP/1.1 GWA
    Pragma: no-cache
    Cache-control: no-cache, no-store, max-age=0, must-revalidate
    Date: Mon, 17 Feb 2014 09:03:52 GMT
    X-frame-options: SAMEORIGIN
    Content-type: application/json
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    {
       "error": "unauthorized_client"
    }

请帮帮我.预先感谢.

推荐答案

您正在从应用程序中获取身份验证代码(即客户端ID XXXXX)，并将其粘贴到其他应用程序中(客户端ID为YYYYY的oauth游乐场)，并且希望它能工作?

You're taking an auth code from your application (ie. client id XXXXX) and pasting that into a different app (oauth playground with client id YYYYY) and expecting it to work?

那是行不通的.

如果您进入Gear选项并输入应用程序的凭据，则可能会起作用.但是我有点困惑你为什么要这么做.您要解决的问题是什么?

It might work if you go into the Gear option and enter your app's credentials. But I'm slightly confused why you're doing this. What is the problem you are trying to solve?

此答案可能会帮助 查看全文