在使用Google API进行身份验证后无法获取访问和刷新令牌 [英] Unable to get access and refresh token after authenticating with Google API

问题描述

我跟着这个令人敬畏的教程来获取访问和刷新令牌，一旦用户用他们的谷歌帐户登录，但我总是这个响应，当我调用 GetAccessCode（）：

  {
错误：invalid_request
} 
  
 
 $ b 
以下是我的代码：
 
 
  var url = window.location.href; 
 
 if（url.indexOf（code =）> 0）{//一旦用户使用Google 
登录var code_starts = url.indexOf（code =）; 
 var code = url.substring（（code_starts + 5），url.length）; 
 alert（Code =+ code）; 
 GetAccessTokens（code）; 
} else if（url.indexOf（access_token =）> 0）{//获取令牌，但我从未得到过这么远
 var at_starts = url.indexOf（access_token =） ; 
 var exp_starts = url.indexOf（expires_in =）; 
 var access_token = url.substring（（at_starts + 13），exp_starts）; 
 alert（AT =+ access_token）; 
 
 var rt_starts = url.indexOf（refresh_token =）; 
 var id_starts = url.indexOf（id_token =）; 
 var refresh_token = url.substring（（rt_starts + 14），id_starts）; 
 alert（RT =+ refresh_token）; 
} else {
 GetAccessCode（）; //如果用户打开该页面，向他展示同意屏幕
} 
 
函数GetAccessCode（）{
 window.location ='https://accounts.google.com/ o / oauth2 / v2 / auth？redirect_uri = https：//mywebsite.com/quickstart.html'+'& response_type = code'+'& client_id ='+ clientId +'& scope ='+ scopes +' & approval_prompt = force'+'& access_type = offline'; 
} 
 
函数GetAccessTokens（code）{
 window.location ='https://accounts.google.com/o/oauth2/token?code='+ code + '& client_id ='+ clientId +'& client_secret ='+ clientSecret +'& redirect_uri = https：//mywebsite.com/quickstart.html'+'& grant_type = authorization_code'; 
} 
  
这里我收到invalid_request错误。 
 
 
 
我尝试通过ajax请求获取令牌，不必再次重定向页面（坏的UX）：
  var red ='https://mywebsite.com/quickstart.html'; 
 var options = {
 url：'https://accounts.google.com/o/oauth2/token'，
类型：POST，
 dataType：json ，
 data：code = code& client_id = clientId& client_secret = clientSecret& redirect_uri = red& grant_type = authorization_code，
 complete：function（e）{
 alert（e）; 
 alert（e.status）; 
}，
}; 
 $ .ajax（options）; 
} 
  
我也在头文件中试过它：
  headers：{Content-type：application / x-www-form-urlencoded}，
  
我也是这样试过的： 
 
 
  $ .ajax（{
 url：https://accounts.google.com/o/oauth2/token，
类型：发布，
数据类型：json，
 contentType：application / x-www-form-urlencoded; charset = utf-8，
 async：true，
 data：{code：code，client_id：clientId，client_secret：clientSecret， redirect_uri：'https：//mywebsite.com/quickstart.html'，grant_type：'authorization_code'}，
成功：函数（响应）{
 alert（response）; //我从来没有得到这个
 var json = $ .parseJSON（response）; 
} 
}）
 .fail（function（err）{
 alert（error+ err）; / /我得到[Object object] 
}）; 
  
还有其他一些东西。 
哦，并且所有的参数都有正确的值。
 
 
有什么想法？ 
 
 
  oauth playground 显示网址​​令牌的网址为 https：// www。 googleapis.com/oauth2/v4/token 但是当我使用它时，我在浏览器中得到了未找到。
解决方案
 3天后，我做到了。感谢console.log提示，@Brunt！
  $。ajax（{
 url：'https：/ /www.googleapis.com/oauth2/v4/token'，
类型：post，
数据类型：json，
 contentType：application / x-www-form-urlencoded ; charset = utf-8，
 async：true，
 data：{code：code，client_id：clientId，client_secret：clientSecret，redirect_uri：'https：//mywebsite.com/quickstart.html' ，grant_type：'authorization_code'}，
 success：function（response）{
 console.log（Response：+ response）; 
 console.log（AT：+ response [ 'access_token']）; 
 console.log（RT：+ response ['refresh_token']）; 
 
 access_token = response ['access_token']; 
 refresh_token =响应['refresh_token']; 
} 
}）
 .fail（函数（err）{
 alert（error+ err）; // [Object object] 
 console.log（error+ err）; 
}）; 
  
 
I followed this awesome tutorial to get the access and refresh tokens once the user logged in with their google account, but I always this response when I call GetAccessCode():
{
   "error": "invalid_request"
}
Here's my code:
var url = window.location.href;

if (url.indexOf("code=") > 0) { //Once the user signed in with Google
    var code_starts = url.indexOf("code=");
    var code = url.substring((code_starts + 5), url.length);
    alert("Code= " + code);
    GetAccessTokens(code);
} else if (url.indexOf("access_token=") > 0) { //Get the tokens, but I never get this far
    var at_starts = url.indexOf("access_token=");
    var exp_starts = url.indexOf("expires_in=");
    var access_token = url.substring((at_starts + 13), exp_starts);
    alert("AT= " + access_token);

    var rt_starts = url.indexOf("refresh_token=");
    var id_starts = url.indexOf("id_token=");
    var refresh_token = url.substring((rt_starts + 14), id_starts);
    alert("RT= " + refresh_token);
} else {
    GetAccessCode(); //If user opens the page, show him the consent screen
}

function GetAccessCode() {
   window.location = 'https://accounts.google.com/o/oauth2/v2/auth?redirect_uri=https://mywebsite.com/quickstart.html' + '&response_type=code' + '&client_id=' + clientId + '&scope=' + scopes + '&approval_prompt=force' + '&access_type=offline';
}

function GetAccessTokens(code) {
    window.location = 'https://accounts.google.com/o/oauth2/token?code=' + code + '&client_id=' + clientId + '&client_secret=' + clientSecret + '&redirect_uri=https://mywebsite.com/quickstart.html' + '&grant_type=authorization_code';
}
Here I receive the invalid_request error. 

I tried to get the tokens via an ajax request to not have to redirect the page again (bad UX):
    var red = 'https://mywebsite.com/quickstart.html';
    var options = {
       url: 'https://accounts.google.com/o/oauth2/token',
       type: "POST",
       dataType: "json",
       data: "code=code&client_id=clientId&client_secret=clientSecret&redirect_uri=red&grant_type=authorization_code",
        complete: function (e) {
            alert(e);
            alert(e.status);
        },
    };
    $.ajax(options);
}
I tried it with headers, too:
headers: { "Content-type": "application/x-www-form-urlencoded"},
And I tried it this way, too:
$.ajax({
    url: "https://accounts.google.com/o/oauth2/token",
    type: "post",
    datatype:"json",
    contentType: "application/x-www-form-urlencoded; charset=utf-8",
    async : true,
    data: {code:code, client_id:clientId, client_secret:clientSecret, redirect_uri:'https://mywebsite.com/quickstart.html', grant_type:'authorization_code'},
    success: function(response){
        alert(response); //I never get this
        var json = $.parseJSON(response);
    } 
})
.fail(function(err) {
    alert("error" + err); //I get [Object object]
});
And a few other stuff, too.
Oh, and all the parameters have the correct value.

Any ideas?

Ps: The oauth playground shows that the corrent token url is https://www.googleapis.com/oauth2/v4/token but when I use it I get Not found in the browser.
解决方案
After 3 days I did it. Thanks for the console.log tip, @Brunt!
$.ajax({
            url: 'https://www.googleapis.com/oauth2/v4/token',
            type: "post",
            datatype:"json",
            contentType: "application/x-www-form-urlencoded; charset=utf-8",
            async : true,
            data: {code:code, client_id:clientId, client_secret:clientSecret, redirect_uri:'https://mywebsite.com/quickstart.html', grant_type:'authorization_code'},
            success: function(response){
                console.log("Response: " + response);
                console.log("AT: " + response['access_token']);
                console.log("RT: " + response['refresh_token']);

                access_token = response['access_token'];
                refresh_token = response['refresh_token'];
            }
        })
        .fail(function(err) {
            alert("error" + err); //[Object object]
            console.log("error" + err);
        });


                        
这篇关于在使用Google API进行身份验证后无法获取访问和刷新令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！