通过Python使用refresh token完成Oauth2.0授权(谷歌API服务创建) [英] Accomplishing Oauth2.0 authorization with refresh token through Python (Google API service creation)

问题描述

我正在尝试使用 Oauth2 通过无头 Linux 服务器访问 Google API 服务.我通读了这篇文章的所有答案:如何在没有用户干预的情况下授权应用程序(Web 或安装的)? 但他们都没有展示如何使用刷新令牌在 python 中生成访问令牌.pinnoyyid 有一个 javascript 示例(https://stackoverflow.com/a/19766913/15713034)，内容如下:

I'm trying to access Google API services through a headless Linux server using Oauth2. I read through all the answers on this post: How do I authorise an app (web or installed) without user intervention? but none of them showed how to use the refresh token to generate an access token in python. pinnoyyid had a javascript example (https://stackoverflow.com/a/19766913/15713034) that went something like this:

function get_access_token_using_saved_refresh_token() {
// from the oauth playgroundfunction get_access_token_using_saved_refresh_token() {
// from the oauth playground
const refresh_token = "1/0PvMAoF9GaJFqbNsLZQg-f9NXEljQclmRP4Gwfdo_0";
// from the API console
const client_id = "559798723558-amtjh114mvtpiqis80lkl3kdo4gfm5k.apps.googleusercontent.com";
// from the API console
const client_secret = "WnGC6KJ91H40mg6H9r1eF9L";
// from https://developers.google.com/identity/protocols/OAuth2WebServer#offline
const refresh_url = "https://www.googleapis.com/oauth2/v4/token";
let refresh_request = {
    body:`grant_type=refresh_token&client_id=${encodeURIComponent(client_id)}&client_secret=${encodeURIComponent(client_secret)}& refresh_token=${encodeURIComponent(refresh_token)}`;,
    method: "POST",
    headers: new Headers({
        'Content-Type': 'application/x-www-form-urlencoded'
    })
}

JavaScript 并不是我最好的语言，但我可以破译他们正在向谷歌服务器发送 POST 请求.所以我尝试使用 requests 包在 Python 中重新创建请求:

JavaScript isn't really my best language, but I could decipher they were sending a POST request to the google server. So I tried to recreate the request in Python with the requests package:

   import requests
   result = requests.post("https://www.googleapis.com/oauth2/v4/token", body={'grant_type':'refresh-token', 'client_id':client_id, 'client_secret':client_secret, 'refresh_token': refresh_token}, headers={'Content-Type': 'application/x-www-form-urlencoded'})
   

当我查看结果时，它显示它有一个 200 状态代码(成功)，但是当我尝试检查响应时，没有任何内容易于阅读，而且我无法解析 JSON 中的结果以获取访问令牌.我尝试的另一种方法是使用 Google 建议的代码启动 Flask 服务器:https://developers.google.com/identity/protocols/oauth2/web-server#python_5 但这也不起作用，因为当我尝试从其中一个函数(包含访问代码)，无论如何都不会返回 JSON.我更喜欢 post 请求方法，因为它更干净并且使用更少的代码.谢谢！

And when I look at result it shows it has a 200 status code (success) but when I try to examine the response, there's nothing easy to read and I can't parse the result in JSON to get the access token. The other approach I tried was to spin up a Flask server using Google's suggested code: https://developers.google.com/identity/protocols/oauth2/web-server#python_5 but that doesn't work either because when I try to return the credentials from one of the functions (object that contains the access code) that won't return JSON no matter what. I'd prefer the post request method since it is cleaner and uses less code. Thanks!

推荐答案

由于上述解决方案都不起作用，我最终不得不放弃并使用服务帐户.

Since none of the solutions above worked, I had to finally just give up and use a service account.

这篇关于通过Python使用refresh token完成Oauth2.0授权(谷歌API服务创建)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！