Google API 身份验证:客户端的无效来源 [英] Google API authentication: Not valid origin for the client

问题描述

向 Google API (gapi) 发出身份验证请求时，它在 checkOrigin 上返回 false.

When making an auth request to the Google API (gapi), it's returning false on the checkOrigin.

我已经删除了任何客户 ID 或任何会直接链接到我的帐户的内容，并将其替换为一个正则表达式，指示数据是什么以供参考.

I have removed any client id's or anything that would link directly to my account and replaced it with a regex indicating what the data is for reference.

网址:https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Flocal.tools&client_id=(d{21})

我的源网址是本地网址，即https://local.tools

My origin url is a local url, which is https://local.tools

结果:{valid: false}

我正在使用这里找到的示例，没有任何偏差(除了用我的 21 位客户端 ID 替换客户端 ID):https://ga-dev-tools.appspot.com/embed-api/third-party-visualizations/

I'm using the example found here without deviation (except for replacing clientid with my 21 digit clientid): https://ga-dev-tools.appspot.com/embed-api/third-party-visualizations/

我尝试显示的项目在演示站点上显示得很好，但在我的 local.tools 站点上没有通过客户端错误的无效来源.

The items I'm trying to display show up nicely on the demo site, but aren't getting past the Not valid origin for the client error on my local.tools site.

推荐答案

我在使用此示例时收到相同的控制台错误消息:https://developers.google.com/analytics/devguides/reporting/embed/v1/getting-started

I received the same console error message when working with this example: https://developers.google.com/analytics/devguides/reporting/embed/v1/getting-started

文档说不要忽略两个关键步骤(在您阅读说明时，重要的是不要忽略这两个关键步骤:启用 Analytics API [&] 设置正确的来源")，但没有明确说明在哪里设置正确的来源.

The documentation says not to overlook two critical steps ("As you go through the instructions, it's important that you not overlook these two critical steps: Enable the Analytics API [&] Set the correct origins"), but does not clearly state WHERE to set the correct origins.

由于我拥有的客户端 ID 不起作用，我创建了一个新项目和一个新的客户端 ID.新项目可能不是必需的，但我会保留(并使用)它.

Since the client ID I had was not working, I created a new project and a new client ID. The new project may not have been necessary, but I'm retaining (and using) it.

这是有效的:

• 创建一个新项目
• 添加并启用分析 API
• 创建新凭据 - 确保它是 OAUTH 凭据(滚动到此页面底部以获取说明 https://developers.google.com/api-client-library/javascript/start/start-js#Setup).

在创建凭据期间，您将看到一个名为限制输入 JavaScript 来源、重定向 URI 或两者".您可以在此处输入来源.

During creation of the credentials, you will see a section called "Restrictions Enter JavaScript origins, redirect URIs, or both". This is where you can enter your origins.

保存并复制您的客户 ID(和机密).

Save and copy your client ID (and secret).

在创建新的 OAUTH 凭据、分配源并在此过程后使用新生成的客户端 ID 后，我的脚本开始工作.

My script worked after I created the new OAUTH credential, assigned the origin, and used the newly generated client ID following this process.

这篇关于Google API 身份验证:客户端的无效来源的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！