Google API 令牌端点 POST 返回错误请求 400 [英] Google API token endpoint POST returns Bad Request 400
问题描述
我正在尝试将一次性 Google Plus 授权代码交换为访问令牌.但我不断收到 400 Bad Request.我正在使用 VB.NET.代码如下:
I am trying to exchange a one-time Google Plus Authorization code for an access token. But I keep on getting a 400 Bad Request. I am using VB.NET. Here is the code:
'We should now have a "good" one-time authorization code stored in "code"
Using Client As New WebClient()
'Dim Client As New WebClient()
Dim values As New NameValueCollection()
Dim Resp
Dim responseString As String
values("code") = Request.QueryString("code")
values("client_id") = ConfigurationManager.AppSettings("google.clientid")
values("client_secret") = ConfigurationManager.AppSettings("google.clientsecret")
values("grant_type") = "authorization_code"
values("redirect_uri") = "http://localhost:3333/MyVacations/default.aspx"
Resp = Client.UploadValues("https://www.googleapis.com/oauth2/v3/token", values)
responseString = Encoding.Default.GetString(Resp)
End Using
我很确定这是我应该使用的端点 https://www.googleapis.com/oauth2/v3/token 但谁知道呢?Google 发现文档 只是让我感到困惑.
I'm pretty sure this is the endpoint I'm supposed to be using https://www.googleapis.com/oauth2/v3/token but who knows? The Google Discovery Document just muddles this for me.
还请原谅我的天真,但有人能解释一下 Google 用作示例的 POST 代码如何与我上面代码中的 Web 请求相关联吗?我想我理解这些值是如何转换的,但是 POST 中的 3 个标题行(下面)......这是如何在 VB 代码中指定的?我遗漏了一些对其他人来说非常明显的东西,所以如果你知道,请告诉我.
Also pardon my naivete but would someone explain how the POST code Google uses as an example relates to the Web Request in my code above? I think I understand how the values translate, but the 3 header lines in the POST (below) ... how does this get specified in the VB code? I'm missing something that must be really obvious to others so if you know, please tell me.
POST /oauth2/v3/token HTTP/1.1
Host: www.googleapis.com
Content-Type: application/x-www-form-urlencoded
code=4/P7q7W91a-oMsCeLvIaQm6bTrgtp7&
client_id=8819981768.apps.googleusercontent.com&
client_secret={client_secret}&
redirect_uri=https://oauth2-login-demo.appspot.com/code&
grant_type=authorization_code
另一个 Stack Overflow Post 说关于将数据作为查询参数发送(我猜是使用&")而不是将数据作为请求标头发送,那么沿着 NameValueCollection 发送有什么问题吗?
Another Stack Overflow Post says something about sending the data as query parameters (using '&' I guess) instead of sending the data as request headers, so is there something wrong with sending along a NameValueCollection?
推荐答案
答案如下:API 需要 2 次调用.第一次调用返回一个一次性授权码.第一个调用必须指定重定向 URI.
So here's the answer: The API requires 2 calls. The first call returns a one time authorization code. The first call must specify a redirect URI.
第二次调用将一次性代码发送到 API 以获得授权令牌.此 POST 还需要重定向 URI.
The 2nd call sends the one time code to the API for an authorization token. This POST also requires a redirect URI.
第一次调用中的重定向 URI 必须与第二次调用中的重定向 URI 相同!!!
我无法在文档中的任何地方找到它.请记住,此 URI 还必须与您的开发者控制台中列表中的 URI 之一匹配,所有文档都这么说.
I was unable to find this anywhere in the documentation. Remember that this URI must also match one of the URIs in the list in your developers console, which is what all the documentation says.
这篇关于Google API 令牌端点 POST 返回错误请求 400的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
