从Google OAuth 1.0迁移到OAuth 2.0时出现的问题 [英] Issue during migration from Google OAuth 1.0 to OAuth 2.0

问题描述

我必须从Google OAuth 1.0迁移到OAuth 2.0. 我刚刚在Chrome Rest Client中写了一个小请求:

POST : https://accounts.google.com/o /oauth2/token

标题:授权:OAuth realm ="，oauth_signature ="PU3W5uRL0eAyEi"，oauth_nonce ="1396865138306881000"，oauth_signature_method ="HMAC-SHA1"，oauth_consumer_key ="XXXXX.apps.googleusercontent.com ，oauth_token =" YYYYY，oauth_timestamp =" 1396865138，内容类型:application/x-www-form-urlencoded

有效负载:grant_type = urn:ietf:params:oauth:grant-type:migration:oauth1& client_id = ZZZZZ.apps.googleusercontent.com& client_secret = SSSSS

为此，我收到一条错误消息: 状态:400错误请求

" { 错误:"invalid_request" error_description:无效的授权标头". }"

问题可能是我尝试从Google Developers Console中的一个项目迁移到另一个. 真的有问题吗?

我移到另一个项目的原因是因为我无法在原始项目中创建OAuth 2.0客户端ID.我收到以下错误消息:

"您无法创建OAuth 2.0客户端ID，因为该项目已包含Oauth 1.0客户端ID."

请提出建议.

谢谢你， E

解决方案

OAuth1规范，对于迁移请求应如下所示:

POST& OAuth1规范以获取更多示例).

希望如此，米格尔.

I have to migrate from Google OAuth 1.0 to OAuth 2.0. I just have wrote a small request in Chrome Rest Client:

POST: https://accounts.google.com/o/oauth2/token

Headers: Authorization: OAuth realm="", oauth_signature="PU3W5uRL0eAyEi", oauth_nonce="1396865138306881000", oauth_signature_method="HMAC-SHA1", oauth_consumer_key="XXXXX.apps.googleusercontent.com", oauth_token="YYYYY", oauth_timestamp="1396865138", Content-Type: application/x-www-form-urlencoded

Payload: grant_type=urn:ietf:params:oauth:grant-type:migration:oauth1&client_id=ZZZZZ.apps.googleusercontent.com&client_secret=SSSSS

For that I receive an error message: Status: 400 Bad Request

"{ error: "invalid_request" error_description: "Invalid authorization header." }"

The problem could be that I try to migrate from one Project in Google Developers Console to another. Could that really be a problem?

The reason that I moved to another project is because I cannot create OAuth 2.0 Client ID in the original Project. I receive the following error message:

"You can not create OAuth 2.0 client ID because this project already contains an Oauth 1.0 client ID."

Please suggest.

Thank you, E

解决方案

As pointed out in a similar post, when constructing the base string to sign your migration requests, please make sure that the string uses a POST method and that it contains all relevant migration parameters as per the migration documentation.

As per OAuth1 spec, a valid base string for a migration request should look like:

POST&https://accounts.google.com/o/oauth2/token&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET&grant_type=urn:ietf:params:oauth:grant-type:migration:oauth1&oauth_consumer_key=YOUR_CONSUMER_KEY&oauth_nonce=NONCE&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1396414006&oauth_token=THE_TOKEN_TO_MIGRATE

Note that, for readability purpose, the above is the decoded version of the base string (check out the OAuth1 spec for more examples).

Hope that helps, Miguel.

这篇关于从Google OAuth 1.0迁移到OAuth 2.0时出现的问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！