Google API - Oauth 2.0 Auth令牌流 [英] Google API - Oauth 2.0 Auth token flow
问题描述
- 我正在构建一个使用Google Cal和Google+ API的Web应用程序。
- 我需要获取刷新令牌,因为一旦用户通过网站/应用程序进行身份验证,某些呼叫在他们登录后发生在幕后(并且其中很多会在1小时后发生,其中初始access_token有效)
据我所知,这是我必须遵循的流程:
- 通过Google控制台注册Web应用程序API - done。
- 提示用户使用我的应用程序进行身份验证,以下配置变量:
var config = {
'client_id':MY_CLIENT_ID',
'scope':'https://www.googleapis.com/auth/calendar https://www.googleapis.com/auth/userinfo.email ',
'response_type':'code',
'access_type':'offline'
};
- 然后,使用通过
https://developers.google.com/accounts/docs/OAuth2WebServer#refresh
POST / o / oauth2 / token HTTP / 1.1
Host:accounts.google.com
Content-Type:application / x-www-form- urlencoded
code = CODE_RETURNED
client_id = CLIENT_ID_RETURNED
client_secret = API_CLIENT_SECRET
redirect_uri = API_REDIRECT_API
grant_type = authorization_code
然而,当我尝试运行这个调用时,我总会遇到某种类型的错误。现在我坚持得到以下内容:
{
错误:redirect_uri_mismatch
}
我在Google API设置页面和代码中列出了以下的重定向URI:
http:// localhost /
以前曾使用过此流程的人的任何建议?
我需要设置不同的东西来获取刷新标记吗?
进程失败是因为我在初次调用代码时没有包含'redirect_uri'。
我应该有:
var config = {
'client_id':MY_CLIENT_ID',
'scope':'https://www.googleapis.com/ auth / calendar https://www.googleapis.com/auth/userinfo.email',
'response_type':'code',
'access_type':'offline',
'redirect_uri ':MY_REDIRECT_URI
};
然后,redirect_uri被数据命中,我设置了一个简单的节点路由来侦听,生成,然后为每个经过身份验证的用户存储访问权限和刷新令牌。
Context --
- I am building a web application that uses the Google Cal and Google+ API.
- I will need to obtain a refresh token, since once a user authenticates with the site/app, some of the calls happen behind the scenes after they have logged in (and many of them happen after 1 hour, of which the initial access_token is valid for)
As I understand it, here is the flow I must follow:
- Register a Web Application API through Google console - done.
- Prompt the user to authenticate with my application, done through a call using the following config vars:
var config = {
'client_id': MY_CLIENT_ID',
'scope': 'https://www.googleapis.com/auth/calendar https://www.googleapis.com/auth/userinfo.email',
'response_type': 'code',
'access_type': 'offline'
};
- Then, using the Google object returned through the auth() call above, make another call to get the access_token and refresh_token.
https://developers.google.com/accounts/docs/OAuth2WebServer#refresh
POST /o/oauth2/token HTTP/1.1
Host: accounts.google.com
Content-Type: application/x-www-form-urlencoded
code=CODE_RETURNED
client_id=CLIENT_ID_RETURNED
client_secret=API_CLIENT_SECRET
redirect_uri=API_REDIRECT_API
grant_type=authorization_code
Yet, when I try to run this call I always get some type of error. Right now I am stuck getting the following:
{
error: "redirect_uri_mismatch"
}
I have the following listed as my redirect uri both on the Google API settings page, and in code:
http://localhost/
Any advice from someone that has worked with this flow before? Do I need to set up something differently for obtaining a refresh token?
The issue as to why this whole process was failing was because I was not including the 'redirect_uri' in my initial call to get a code.
I should have had:
var config = {
'client_id': MY_CLIENT_ID',
'scope': 'https://www.googleapis.com/auth/calendar https://www.googleapis.com/auth/userinfo.email',
'response_type': 'code',
'access_type': 'offline',
'redirect_uri': MY_REDIRECT_URI
};
Then, that redirect_uri was hit with data, and I set up a simple node route to listen, generate, and then store the access and refresh tokens for each user that authenticated.
这篇关于Google API - Oauth 2.0 Auth令牌流的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!