有限输入设备的Google Oauth 2.0身份验证仅在curl上不起作用 [英] Google Oauth 2.0 authentication for limited input device not working except on curl

问题描述

我正在尝试使用我的自定义Java应用程序通过访问受限的设备(例如作为服务器运行的Raspberry pi)将视频上传到我的youtube帐户.

I am trying to use a custom java application of mine to upload videos to my youtube account via an access limited device like a Raspberry pi running as a server.

为此，我将 Google Oauth 2.0用于受限输入设备作为参考.

我按照我的自定义Java应用程序 Fiddler 和

I followed the steps mentioned with my custom java application, Fiddler and curl, the surprise is as follows:

1. 如 Google Oauth 2.0 for卷曲的有限输入设备.

但是在Fiddler和我的自定义Java应用程序的以下调用中发现了问题:

But issues were observed with Fiddler and my custom java app for the following call:

当我尝试通过发布类似的请求从Google服务器获取访问令牌(从Google Oauth链接获取第4步)时:

When I am trying to get the access token from Google server (Step 4 from Google Oauth link) by posting similar request:

POST /o/oauth2/token HTTP/1.1    
Host: accounts.google.com
Content-Type: application/x-www-form-urlencoded

client_id=1084945748469-eg34imk572gdhu83gj5p0an9fut6urp5.apps.googleusercontent.com&
client_secret=hDBmMRhz7eJRsM9Z2q1oFBSem&
code=4/YMSlR3fSCC1NtUh073DuZKTJJ3ss&
grant_type=http://oauth.net/grant_type/device/1.0

，但我没有得到"access_token"作为响应，而是得到以下信息:

Status Code:400 Response: {   "error" : "invalid_request", 
"error_description" : "Required parameter is missing: grant_type" }

注意:无论是否使用url编码，我的问题都保持不变.

Note : With or without url encoding, my problem stays the same.

我无法理解我的自定义Java应用程序或小提琴手的问题所在，请帮忙.

以下是我的提琴手要求:

(通过遵循此，可以获取oauth凭据(client_id和client_secret))

(One can get oauth credentials (client_id and client_secret) by following this)

提琴手要求: (URL编码，模糊的客户机密)

Fiddler request: (url encoded, obscured client secret)

POST HTTP/1.1
https://accounts.google.com/o/oauth2/token?client_id=308065994473-ur9dd7003ajs6mvr5s4kqnugr6j8tsf2.apps.googleusercontent.com&client_secret=XXXXXXXXXXXXXXX&code=4%2FWR-qiTquqB0e4-0LCy0-7rZ2kkE2&grant_type=http%3A%2F%2Foauth.net%2Fgrant_type%2Fdevice%2F1.0

Content-Type: application/x-www-form-urlencoded

(非url编码，模糊的客户端机密)

(non url encoded, obscured client secret)

POST HTTP/1.1
https://accounts.google.com/o/oauth2/token?client_id=308065994473-ur9dd7003ajs6mvr5s4kqnugr6j8tsf2.apps.googleusercontent.com&client_secret=XXXXXXXXXXXXXX&code=4/WR-qiTquqB0e4-0LCy0-7rZ2kkE2&grant_type=http://oauth.net/grant_type/device/1.0

可在以下位置找到Java代码项目(maven项目，检查Oauth调用的测试用例):

https://docs.google.com/file/d/0B8ltWBtPF-DVMDZFNHNMZXpCQlk

推荐答案

参数需要添加到http post请求正文中而不是url中，Google文档对此部分造成了混淆.

The parameters need to be added in the http post request body not in the url, Google documentation is confusing on this part.

    public synchronized HttpResponse executePOST(HttpEntity httpEntity, String path) throws IOException {
    if (!parameters.isEmpty()) {
        httpPost.setEntity(new UrlEncodedFormEntity(parameters));
    }

    httpPost = new HttpPost(path);

    logger.info(target.toHostString());
    logger.info(httpPost.getURI().toString());
    logger.info(httpPost.getRequestLine().toString());
    for (Header header : headers) {
        logger.info(header.getName() + ": " + header.getValue());
        httpPost.addHeader(header);
    }
    httpResponse = httpClient.execute(target, httpPost);
    return httpResponse;
}

这篇关于有限输入设备的Google Oauth 2.0身份验证仅在curl上不起作用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！