如何使用gmail API获取访问令牌 [英] How to get access token using gmail api
问题描述
我在此文档后获得授权码。但是当我试图获得访问令牌时,我总是遇到错误。任何人都可以帮助我吗?
public String AccessToken()
{
String accessToken =;
StringBuilder strBuild = new StringBuilder();
String authURL =https://accounts.google.com/o/oauth2/token?;
字符串代码=4 / SVisuz_x *********************;
字符串client_id =****************** e.apps.googleusercontent.com;
String client_secret =*******************;
String redirect_uri =urn:ietf:wg:oauth:2.0:oob;
String grant_type =authorization_code;
strBuild.append(code =)。append(code)
.append(& client_id =)。append(client_id)
.append(& client_secret = ).append(client_secret)
.append(& redirect_uri =)。append(redirect_uri)
.append(& grant_type =)。append(grant_type);
System.out.println(strBuild.toString());
尝试{
URL obj =新URL(authURL);
HttpURLConnection con =(HttpURLConnection)obj.openConnection();
con.setDoOutput(true);
con.setRequestMethod(POST);
con.setRequestProperty(Content-Type,application / x-www-form-urlencoded);
con.setRequestProperty(主机,www.googleapis.com);
// BufferedWriter bw = new BufferedWriter(new OutputStreamWriter(con.getOutputStream()));
//bw.write(strBuild.toString());
//bw.close();
DataOutputStream wr = new DataOutputStream(con.getOutputStream());
wr.writeBytes(strBuild.toString());
wr.flush();
wr.close();
// OutputStreamWriter out = new OutputStreamWriter(con.getOutputStream());
System.out.println(con.getResponseCode());
System.out.println(con.getResponseMessage());
} catch(Exception e)
{
System.out.println(Error。);
}
return;
}
运行此代码时,输出为:
400
Bad Request
如何使用gmail api获取访问令牌?
答案根据您的以下教程,您正在使用 OAuth 2.0 。因此,使用 OAuth 2.0 访问Google API有一个基本模式。它遵循4个步骤:
- 从Google Developers Console获取OAuth 2.0凭据。
- 获取访问令牌。
- 将访问令牌发送给API。
- 必要时刷新访问令牌。
有关详细信息,您可以按照教程 - 使用OAuth 2.0访问Google API
您必须访问 Google Developers Console 获取OAuth 2.0证书,例如客户端ID 和客户端秘密,这些都是Google和您的应用程序都知道的。
根本原因分析: / h2>
问题1:
在学习完代码之后,如果你的代码运行平稳,那么代码总是给出一个空字符串。因为您的 AccessToken()方法总是返回 return;
$ b
catch(例外e)
{
System.out.println(Error。);
}
您的try catch块将进入异常块。因为,看起来你没有正确完成你的代码。您已经错过了 encoding 以及使用准备访问令牌的 JSONObject 。所以它给出的输出为
$ b
错误。
解决方案:
希望这 samples 和资源链接将帮助您解决您的问题并获得访问权限。
什么是400错误请求?
答案:表示查询无效。家长ID缺失或所请求的维度或指标组合无效。
建议的操作:您需要更改API查询
$ b
对于
HTTP / 1.1 400错误请求错误,你可以通过我的另一个
答案。 这将有助于您理解哪个主持人以及您需要应用哪些条件。
需要使用
为什么令牌到期?令牌的限制是什么?
令牌可能因以下其中一个原因停止工作:
- 用户有
已撤销访问权限。 c>六个月。 -
用户更改了密码,并且令牌包含Gmail,日历,
通讯录或环聊范围 用户帐户超过了一定数量的令牌请求 。 $ b
目前,每个客户端每个用户帐户有25个刷新令牌限制。如果达到限制,则创建新令牌会自动使最旧的令牌无效而不发出警告。此限制不适用于服务帐户。
应遵循哪些预防措施?
注意事项 - 1: / h2>
有些请求需要身份验证步骤,用户使用其Google帐户登录
。登录后,询问用户是否
他们愿意授予您的应用程序是
请求的权限。这个过程称为用户同意。
如果用户授予权限,Google Authorization Server
将向您的应用程序发送一个访问令牌(或授权代码
应用程序可以使用它来获取访问令牌)。如果用户做
不授予权限,服务器返回一个错误。
有些请求需要身份验证步骤,用户使用其Google帐户登录
。登录后,询问用户是否
他们愿意授予您的应用程序是
请求的权限。这个过程称为用户同意。
如果用户授予权限,Google Authorization Server
将向您的应用程序发送一个访问令牌(或授权代码
应用程序可以使用它来获取访问令牌)。如果用户做
不授予权限,服务器返回一个错误。
注意事项 - 2:
如果为Google+ API发布访问令牌,则不会授予
访问Google Contacts API的权限。但是,您可以多次将该访问权限
令牌发送到Google+ API以进行类似的操作。
注意事项 - 3:
访问令牌的过期日期通常为1小时,在
之后,如果您尝试使用它。 Google Credential
负责自动刷新令牌,这意味着
获得新的访问令牌。
将刷新标记保存在安全的长期存储中,并且只要它们保持有效,就继续使用
。限制适用于每个客户端 - 用户组合颁发的
刷新令牌的数量以及所有客户端的每
个用户的数量,这些限制是不同的。如果您的
应用程序请求足够的刷新标记以超过
的限制之一,那么较旧的刷新标记将停止工作。
I got the authorization code following this document. But when I tried to get access token, I always got errors. Can anyone help me ?
public String AccessToken()
{
String accessToken = "";
StringBuilder strBuild = new StringBuilder();
String authURL = "https://accounts.google.com/o/oauth2/token?";
String code = "4/SVisuz_x*********************";
String client_id = "******************e.apps.googleusercontent.com";
String client_secret = "*******************";
String redirect_uri = "urn:ietf:wg:oauth:2.0:oob";
String grant_type="authorization_code";
strBuild.append("code=").append(code)
.append("&client_id=").append(client_id)
.append("&client_secret=").append(client_secret)
.append("&redirect_uri=").append(redirect_uri)
.append("&grant_type=").append(grant_type);
System.out.println(strBuild.toString());
try{
URL obj = new URL(authURL);
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setDoOutput(true);
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
con.setRequestProperty("Host", "www.googleapis.com");
//BufferedWriter bw = new BufferedWriter(new OutputStreamWriter(con.getOutputStream()));
//bw.write(strBuild.toString());
//bw.close();
DataOutputStream wr = new DataOutputStream(con.getOutputStream());
wr.writeBytes(strBuild.toString());
wr.flush();
wr.close();
//OutputStreamWriter out = new OutputStreamWriter(con.getOutputStream());
System.out.println(con.getResponseCode());
System.out.println(con.getResponseMessage());
} catch (Exception e)
{
System.out.println("Error.");
}
return "";
}
when I ran this code, the output is:
400
Bad Request
How to get access token using gmail api?
Ans: As per your following tutorial, you are using OAuth 2.0. So there is a basic pattern for accessing a Google API using OAuth 2.0. It follows 4 steps:
- Obtain OAuth 2.0 credentials from the Google Developers Console.
- Obtain an access token from the Google Authorization Server.
- Send the access token to an API.
- Refresh the access token, if necessary.
For details, you can follow the tutorial - Using OAuth 2.0 to Access Google APIs
You have to visit the Google Developers Console to obtain OAuth 2.0 credentials such as a client ID and client secret that are known to both Google and your application
Root Cause Analysis:
Issue-1:
After studying your code, some lacking are found. If your code runs smoothly, then the code always give an empty string. Because your AccessToken() method always return return "";
Issue-2:
catch (Exception e)
{
System.out.println("Error.");
}
Your try catch block is going exception block. Because, it seems that you have not completed your code properly. You have missed encoding as well as using JSONObject which prepares the access token. So it is giving output as
Error.
Solution:
I got that your code is similar with this tutorial
As your code needs more changes to solve your issue. So I offer you to use LinkedHashMap or ArrayList. Those will provide easier way to make solution. So I give you 2 sample code to make your life easier. You can choose any of them. You need to change refresh_token, client id, client secret and grant type as yours.
private String getAccessToken()
{
try
{
Map<String,Object> params = new LinkedHashMap<>();
params.put("grant_type","refresh_token");
params.put("client_id",[YOUR CLIENT ID]);
params.put("client_secret",[YOUR CLIENT SECRET]);
params.put("refresh_token",[YOUR REFRESH TOKEN]);
StringBuilder postData = new StringBuilder();
for(Map.Entry<String,Object> param : params.entrySet())
{
if(postData.length() != 0)
{
postData.append('&');
}
postData.append(URLEncoder.encode(param.getKey(),"UTF-8"));
postData.append('=');
postData.append(URLEncoder.encode(String.valueOf(param.getValue()),"UTF-8"));
}
byte[] postDataBytes = postData.toString().getBytes("UTF-8");
URL url = new URL("https://accounts.google.com/o/oauth2/token");
HttpURLConnection con = (HttpURLConnection)url.openConnection();
con.setDoOutput(true);
con.setUseCaches(false);
con.setRequestMethod("POST");
con.getOutputStream().write(postDataBytes);
BufferedReader reader = new BufferedReader(new InputStreamReader(con.getInputStream()));
StringBuffer buffer = new StringBuffer();
for (String line = reader.readLine(); line != null; line = reader.readLine())
{
buffer.append(line);
}
JSONObject json = new JSONObject(buffer.toString());
String accessToken = json.getString("access_token");
return accessToken;
}
catch (Exception ex)
{
ex.printStackTrace();
}
return null;
}
For accessing google play android developer api, you need to pass the previous refresh token to get access token
private String getAccessToken(String refreshToken){
HttpClient client = new DefaultHttpClient();
HttpPost post = new HttpPost("https://accounts.google.com/o/oauth2/token");
try
{
List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>(4);
nameValuePairs.add(new BasicNameValuePair("grant_type", "refresh_token"));
nameValuePairs.add(new BasicNameValuePair("client_id", GOOGLE_CLIENT_ID));
nameValuePairs.add(new BasicNameValuePair("client_secret", GOOGLE_CLIENT_SECRET));
nameValuePairs.add(new BasicNameValuePair("refresh_token", refreshToken));
post.setEntity(new UrlEncodedFormEntity(nameValuePairs));
org.apache.http.HttpResponse response = client.execute(post);
BufferedReader reader = new BufferedReader(new InputStreamReader(response.getEntity().getContent()));
StringBuffer buffer = new StringBuffer();
for (String line = reader.readLine(); line != null; line = reader.readLine())
{
buffer.append(line);
}
JSONObject json = new JSONObject(buffer.toString());
String accessToken = json.getString("access_token");
return accessToken;
}
catch (IOException e) { e.printStackTrace(); }
return null;
}
Resource Link:
Unable to get the subscription information from Google Play Android Developer API
Using java.net.URLConnection to fire and handle HTTP requests
Hope that, this samples and resource link will help you to solve your issue and get access of access token.
What is 400 bad request?
Ans: It indicates that the query was invalid. Parent ID was missing or the combination of dimensions or metrics requested was not valid.
Recommended Action: You need to make changes to the API query in order for it to work.
For
HTTP/1.1 400 Bad Request error, you can go through my another answer. It will help you to make sense aboutwhich host you need to useand which conditions you need to apply.
Why token expires? What is the limit of token?
A token might stop working for one of these reasons:
- The user has
revokedaccess. - The token has not been used for
six months. - The
user changed passwordsand the token contains Gmail, Calendar, Contacts, or Hangouts scopes. - The user account has
exceeded a certain number of token requests.
There is currently a limit of 25 refresh tokens per user account per client. If the limit is reached, creating a new token automatically invalidates the oldest token without warning. This limit does not apply to service accounts.
Which precautions should be followed?
Precautions - 1:
Some requests require an authentication step where the user logs in with their Google account. After logging in, the user is asked whether they are willing to grant the permissions that your application is requesting. This process is called user consent.
If the user grants the permission, the Google Authorization Server sends your application an access token (or an authorization code that your application can use to obtain an access token). If the user does not grant the permission, the server returns an error.
Precautions - 2:
If an access token is issued for the Google+ API, it does not grant access to the Google Contacts API. You can, however, send that access token to the Google+ API multiple times for similar operations.
Precautions - 3:
An access token typically has an expiration date of 1 hour, after which you will get an error if you try to use it. Google Credential takes care of automatically "refreshing" the token, which simply means getting a new access token.
Save refresh tokens in secure long-term storage and continue to use them as long as they remain valid. Limits apply to the number of refresh tokens that are issued per client-user combination, and per user across all clients, and these limits are different. If your application requests enough refresh tokens to go over one of the limits, older refresh tokens stop working.
这篇关于如何使用gmail API获取访问令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
