Google OAuth2 PlayGround returns “Unauthorized Client”

我们两清 提交于 2019-12-25 02:43:15

问题


    clientId = xxxxxx
    clientSecret = xxxxxxxx
    applicationHost = xxxxxxxxx

My authorization code request:

   OAuthClientRequest oAuthClientRequest = OAuthClientRequest
                .authorizationProvider(OAuthProviderType.GOOGLE)
                .setResponseType("code")
                .setClientId(clientId)
                .setParameter("access_type", "online")
                .setRedirectURI(applicationHost + "auth/google/callback")
                .setScope("https://www.googleapis.com/auth/plus.login")
                .buildQueryMessage();

        response.sendRedirect(oAuthClientRequest.getLocationUri());

I am getting an authorization code with this. but whenever I send a request for the access_token using this code I am getting an error. (Code 400)

My access_token request:

    OAuthClientRequest oAuthClientRequest = OAuthClientRequest
            .tokenProvider(OAuthProviderType.GOOGLE)
            .setGrantType(GrantType.AUTHORIZATION_CODE)
            .setClientId(clientId)
            .setClientSecret(clientSecret)
            .setParameter("access_type", "online")
            .setRedirectURI(applicationHost + "auth/google/callback")
            .setCode(code)
            .buildQueryMessage();

    GitHubTokenResponse oAuthResponse = oAuthClient.accessToken(
            oAuthClientRequest, GitHubTokenResponse.class);
    return oAuthResponse.getAccessToken();

OAuth2 Playground response:

    HTTP/1.1 400 Bad Request
    Alternate-protocol: 443:quic
    Content-length: 37
    X-xss-protection: 1; mode=block
    X-content-type-options: nosniff
    X-google-cache-control: remote-fetch
    -content-encoding: gzip
    Server: GSE
    Via: HTTP/1.1 GWA
    Pragma: no-cache
    Cache-control: no-cache, no-store, max-age=0, must-revalidate
    Date: Mon, 17 Feb 2014 09:03:52 GMT
    X-frame-options: SAMEORIGIN
    Content-type: application/json
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    {
       "error": "unauthorized_client"
    }

Please help me out. Thanks in advance.


回答1:


You're taking an auth code from your application (ie. client id XXXXX) and pasting that into a different app (oauth playground with client id YYYYY) and expecting it to work?

That's not gonna work.

It might work if you go into the Gear option and enter your app's credentials. But I'm slightly confused why you're doing this. What is the problem you are trying to solve?

This answer might help How do I authorise an app (web or installed) without user intervention? (canonical ?)



来源:https://stackoverflow.com/questions/21825605/google-oauth2-playground-returns-unauthorized-client

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!