问题
clientId = xxxxxx
clientSecret = xxxxxxxx
applicationHost = xxxxxxxxx
My authorization code request:
OAuthClientRequest oAuthClientRequest = OAuthClientRequest
.authorizationProvider(OAuthProviderType.GOOGLE)
.setResponseType("code")
.setClientId(clientId)
.setParameter("access_type", "online")
.setRedirectURI(applicationHost + "auth/google/callback")
.setScope("https://www.googleapis.com/auth/plus.login")
.buildQueryMessage();
response.sendRedirect(oAuthClientRequest.getLocationUri());
I am getting an authorization code with this. but whenever I send a request for the access_token using this code I am getting an error. (Code 400)
My access_token request:
OAuthClientRequest oAuthClientRequest = OAuthClientRequest
.tokenProvider(OAuthProviderType.GOOGLE)
.setGrantType(GrantType.AUTHORIZATION_CODE)
.setClientId(clientId)
.setClientSecret(clientSecret)
.setParameter("access_type", "online")
.setRedirectURI(applicationHost + "auth/google/callback")
.setCode(code)
.buildQueryMessage();
GitHubTokenResponse oAuthResponse = oAuthClient.accessToken(
oAuthClientRequest, GitHubTokenResponse.class);
return oAuthResponse.getAccessToken();
OAuth2 Playground response:
HTTP/1.1 400 Bad Request
Alternate-protocol: 443:quic
Content-length: 37
X-xss-protection: 1; mode=block
X-content-type-options: nosniff
X-google-cache-control: remote-fetch
-content-encoding: gzip
Server: GSE
Via: HTTP/1.1 GWA
Pragma: no-cache
Cache-control: no-cache, no-store, max-age=0, must-revalidate
Date: Mon, 17 Feb 2014 09:03:52 GMT
X-frame-options: SAMEORIGIN
Content-type: application/json
Expires: Fri, 01 Jan 1990 00:00:00 GMT
{
"error": "unauthorized_client"
}
Please help me out. Thanks in advance.
回答1:
You're taking an auth code from your application (ie. client id XXXXX) and pasting that into a different app (oauth playground with client id YYYYY) and expecting it to work?
That's not gonna work.
It might work if you go into the Gear option and enter your app's credentials. But I'm slightly confused why you're doing this. What is the problem you are trying to solve?
This answer might help How do I authorise an app (web or installed) without user intervention? (canonical ?)
来源:https://stackoverflow.com/questions/21825605/google-oauth2-playground-returns-unauthorized-client