Google OAuth2 api
Google OAuth2 api
我在设置 google api oauth2 以访问日历 api 时遇到问题。我在下面使用了以下代码,它工作正常并提示用户授予对日历 api 的访问权限。但是,一旦用户允许访问,该站点就会进入 重定向循环 ,调试时显示 result.Credentials 始终为空。使用 fiddler 我可以看到正在从以下 url 接收令牌:accounts.google.com/o/oauth2/token
回复如下:
{
"access_token" : "TOKEN",
"token_type" : "Bearer",
"expires_in" : 3600
}
我完全不明白为什么从未填充凭据。这是我正在使用的代码:
public class AppFlowMetadata : FlowMetadata
{
private static readonly IAuthorizationCodeFlow flow =
new GoogleAuthorizationCodeFlow(new GoogleAuthorizationCodeFlow.Initializer
{
ClientSecrets = new ClientSecrets
{
ClientId = "CLIENT_ID",
ClientSecret = "CLIENT_SECRET"
},
Scopes = new[] { CalendarService.Scope.Calendar }
});
public override string GetUserId(Controller controller)
{
// In this sample we use the session to store the user identifiers.
// That's not the best practice, because you should have a logic to identify
// a user. You might want to use "OpenID Connect".
// You can read more about the protocol in the following link:
// https://developers.google.com/accounts/docs/OAuth2Login.
var user = controller.Session["user"];
if (user == null)
{
user = Guid.NewGuid();
controller.Session["user"] = user;
}
return user.ToString();
}
public override IAuthorizationCodeFlow Flow
{
get { return flow; }
}
}
public class AuthCallbackController : Google.Apis.Auth.OAuth2.Mvc.Controllers.AuthCallbackController
{
protected override Google.Apis.Auth.OAuth2.Mvc.FlowMetadata FlowData
{
get { return new AppFlowMetadata(); }
}
}
public class GoogleController : Controller
{
// GET: Google
[Route("google")]
public ActionResult Index(CancellationToken cancellationToken)
{
//try to get results
var result = new AuthorizationCodeMvcApp(this, new AppFlowMetadata()).
AuthorizeAsync(cancellationToken).Result;
if (result.Credential != null)
{
//// This bit checks if the token is out of date,
//// and refreshes the access token using the refresh token.
if (result.Credential.Token.IsExpired(SystemClock.Default))
{
Google.Apis.Auth.OAuth2.Responses.TokenResponse token = new Google.Apis.Auth.OAuth2.Responses.TokenResponse();
//If the token is expired recreate the token
token = result.Credential.Flow.RefreshTokenAsync("1", result.Credential.Token.RefreshToken, CancellationToken.None).Result;
//Get the authorization details back
result = new AuthorizationCodeMvcApp(this, new AppFlowMetadata()).AuthorizeAsync(cancellationToken).Result;
}
var service = new CalendarService(new BaseClientService.Initializer
{
HttpClientInitializer = result.Credential,
ApplicationName = "ASP.NET MVC Sample"
});
return View();
}
else
{
return new RedirectResult(result.RedirectUri);
}
}
我设法弄明白了。我缺少令牌的存储方法。特别是这一行:
DataStore = new FileDataStore("Drive.Api.Auth.Store")
我在设置 google api oauth2 以访问日历 api 时遇到问题。我在下面使用了以下代码,它工作正常并提示用户授予对日历 api 的访问权限。但是,一旦用户允许访问,该站点就会进入 重定向循环 ,调试时显示 result.Credentials 始终为空。使用 fiddler 我可以看到正在从以下 url 接收令牌:accounts.google.com/o/oauth2/token
回复如下:
{
"access_token" : "TOKEN",
"token_type" : "Bearer",
"expires_in" : 3600
}
我完全不明白为什么从未填充凭据。这是我正在使用的代码:
public class AppFlowMetadata : FlowMetadata
{
private static readonly IAuthorizationCodeFlow flow =
new GoogleAuthorizationCodeFlow(new GoogleAuthorizationCodeFlow.Initializer
{
ClientSecrets = new ClientSecrets
{
ClientId = "CLIENT_ID",
ClientSecret = "CLIENT_SECRET"
},
Scopes = new[] { CalendarService.Scope.Calendar }
});
public override string GetUserId(Controller controller)
{
// In this sample we use the session to store the user identifiers.
// That's not the best practice, because you should have a logic to identify
// a user. You might want to use "OpenID Connect".
// You can read more about the protocol in the following link:
// https://developers.google.com/accounts/docs/OAuth2Login.
var user = controller.Session["user"];
if (user == null)
{
user = Guid.NewGuid();
controller.Session["user"] = user;
}
return user.ToString();
}
public override IAuthorizationCodeFlow Flow
{
get { return flow; }
}
}
public class AuthCallbackController : Google.Apis.Auth.OAuth2.Mvc.Controllers.AuthCallbackController
{
protected override Google.Apis.Auth.OAuth2.Mvc.FlowMetadata FlowData
{
get { return new AppFlowMetadata(); }
}
}
public class GoogleController : Controller
{
// GET: Google
[Route("google")]
public ActionResult Index(CancellationToken cancellationToken)
{
//try to get results
var result = new AuthorizationCodeMvcApp(this, new AppFlowMetadata()).
AuthorizeAsync(cancellationToken).Result;
if (result.Credential != null)
{
//// This bit checks if the token is out of date,
//// and refreshes the access token using the refresh token.
if (result.Credential.Token.IsExpired(SystemClock.Default))
{
Google.Apis.Auth.OAuth2.Responses.TokenResponse token = new Google.Apis.Auth.OAuth2.Responses.TokenResponse();
//If the token is expired recreate the token
token = result.Credential.Flow.RefreshTokenAsync("1", result.Credential.Token.RefreshToken, CancellationToken.None).Result;
//Get the authorization details back
result = new AuthorizationCodeMvcApp(this, new AppFlowMetadata()).AuthorizeAsync(cancellationToken).Result;
}
var service = new CalendarService(new BaseClientService.Initializer
{
HttpClientInitializer = result.Credential,
ApplicationName = "ASP.NET MVC Sample"
});
return View();
}
else
{
return new RedirectResult(result.RedirectUri);
}
}
我设法弄明白了。我缺少令牌的存储方法。特别是这一行:
DataStore = new FileDataStore("Drive.Api.Auth.Store")