Google OAuth 令牌请求 returns "invalid_client": "Unauthorized"
Google OAuth token request returns "invalid_client": "Unauthorized"
正在尝试让 OAuth2 Google 登录正常工作,这是我的应用发出的原始请求:
方法:POST
URL: https://www.googleapis.com/oauth2/v3/token
Headers: Content-Type: application/x-www-form-urlencoded
值:
client_id: XXX-0123456789abcdef0123456789abcdef.apps.googleusercontent.com
client_secret: A1b2C3d4E5f6G7h8I9j0K1l2M
code: 1/A1b2C3d4E5f6G7h8I9j0K1l2M3n4O5p6Q7r8S9t0U1v
grant_type: authorization_code
redirect_uri: http://localhost:5000/callback/google/
这是回复:
状态:401 Unauthorized
Body:
{
"error": "invalid_client",
"error_description": "Unauthorized"
}
已验证这正是我的应用程序正在发出的请求/响应(Python 应用程序使用 Flask 和 rauth),并且已验证我可以使用 Postman 重现完全相同的请求/响应。
根据其他线程中的说明,我在 Google API 控制台中完成了以下所有操作:
- 在 "OAuth consent screen" 设置中,将 "Product name" 设置为不同于 "Project name"
的内容
- 同样在 "OAuth consent screen" 设置中,double-check 已设置电子邮件
- 启用 Google+ API
- 启用 Gmail API
- 重新创建客户端 ID/密码
- Double-check 客户端 ID / 秘密值中没有前导或尾随空格,我已从 API 控制台
正确复制了它们
无论我做什么,仍然得到与 "invalid_client": "Unauthorized" 相同的响应。
我们将不胜感激。我正在尝试在我的应用程序中设置 OAuth2-powered "Log in with X" 功能,让 Facebook 和 Twitter 正常工作,也想让 Google 正常工作,但如果我不能解决这个问题,那么我'恐怕我将不得不放弃 Google auth.
无效客户端 表示您使用的客户端 ID 或客户端密码无效。它们必须是您从 Google 开发者控制台下载的。
提示:您可能需要考虑使用 Google python client 库,它会为您完成所有繁重的工作。
from __future__ import print_function
import pickle
import os.path
from googleapiclient.discovery import build
from google_auth_oauthlib.flow import InstalledAppFlow
from google.auth.transport.requests import Request
# If modifying these scopes, delete the file token.pickle.
SCOPES = ['https://www.googleapis.com/auth/drive.metadata.readonly']
def main():
"""Shows basic usage of the Drive v3 API.
Prints the names and ids of the first 10 files the user has access to.
"""
creds = None
# The file token.pickle stores the user's access and refresh tokens, and is
# created automatically when the authorization flow completes for the first
# time.
if os.path.exists('token.pickle'):
with open('token.pickle', 'rb') as token:
creds = pickle.load(token)
# If there are no (valid) credentials available, let the user log in.
if not creds or not creds.valid:
if creds and creds.expired and creds.refresh_token:
creds.refresh(Request())
else:
flow = InstalledAppFlow.from_client_secrets_file(
'credentials.json', SCOPES)
creds = flow.run_local_server(port=0)
# Save the credentials for the next run
with open('token.pickle', 'wb') as token:
pickle.dump(creds, token)
service = build('drive', 'v3', credentials=creds)
# Call the Drive v3 API
results = service.files().list(
pageSize=10, fields="nextPageToken, files(id, name)").execute()
items = results.get('files', [])
if not items:
print('No files found.')
else:
print('Files:')
for item in items:
print(u'{0} ({1})'.format(item['name'], item['id']))
if __name__ == '__main__':
main()
刷新 https://console.cloud.google.com/apis/credentials 上的客户端机密文件并删除令牌 pickle 文件夹
正在尝试让 OAuth2 Google 登录正常工作,这是我的应用发出的原始请求:
方法:POST
URL: https://www.googleapis.com/oauth2/v3/token
Headers: Content-Type: application/x-www-form-urlencoded
值:
client_id: XXX-0123456789abcdef0123456789abcdef.apps.googleusercontent.com
client_secret: A1b2C3d4E5f6G7h8I9j0K1l2M
code: 1/A1b2C3d4E5f6G7h8I9j0K1l2M3n4O5p6Q7r8S9t0U1v
grant_type: authorization_code
redirect_uri: http://localhost:5000/callback/google/
这是回复:
状态:401 Unauthorized
Body:
{
"error": "invalid_client",
"error_description": "Unauthorized"
}
已验证这正是我的应用程序正在发出的请求/响应(Python 应用程序使用 Flask 和 rauth),并且已验证我可以使用 Postman 重现完全相同的请求/响应。
根据其他线程中的说明,我在 Google API 控制台中完成了以下所有操作:
- 在 "OAuth consent screen" 设置中,将 "Product name" 设置为不同于 "Project name" 的内容
- 同样在 "OAuth consent screen" 设置中,double-check 已设置电子邮件
- 启用 Google+ API
- 启用 Gmail API
- 重新创建客户端 ID/密码
- Double-check 客户端 ID / 秘密值中没有前导或尾随空格,我已从 API 控制台 正确复制了它们
无论我做什么,仍然得到与 "invalid_client": "Unauthorized" 相同的响应。
我们将不胜感激。我正在尝试在我的应用程序中设置 OAuth2-powered "Log in with X" 功能,让 Facebook 和 Twitter 正常工作,也想让 Google 正常工作,但如果我不能解决这个问题,那么我'恐怕我将不得不放弃 Google auth.
无效客户端 表示您使用的客户端 ID 或客户端密码无效。它们必须是您从 Google 开发者控制台下载的。
提示:您可能需要考虑使用 Google python client 库,它会为您完成所有繁重的工作。
from __future__ import print_function
import pickle
import os.path
from googleapiclient.discovery import build
from google_auth_oauthlib.flow import InstalledAppFlow
from google.auth.transport.requests import Request
# If modifying these scopes, delete the file token.pickle.
SCOPES = ['https://www.googleapis.com/auth/drive.metadata.readonly']
def main():
"""Shows basic usage of the Drive v3 API.
Prints the names and ids of the first 10 files the user has access to.
"""
creds = None
# The file token.pickle stores the user's access and refresh tokens, and is
# created automatically when the authorization flow completes for the first
# time.
if os.path.exists('token.pickle'):
with open('token.pickle', 'rb') as token:
creds = pickle.load(token)
# If there are no (valid) credentials available, let the user log in.
if not creds or not creds.valid:
if creds and creds.expired and creds.refresh_token:
creds.refresh(Request())
else:
flow = InstalledAppFlow.from_client_secrets_file(
'credentials.json', SCOPES)
creds = flow.run_local_server(port=0)
# Save the credentials for the next run
with open('token.pickle', 'wb') as token:
pickle.dump(creds, token)
service = build('drive', 'v3', credentials=creds)
# Call the Drive v3 API
results = service.files().list(
pageSize=10, fields="nextPageToken, files(id, name)").execute()
items = results.get('files', [])
if not items:
print('No files found.')
else:
print('Files:')
for item in items:
print(u'{0} ({1})'.format(item['name'], item['id']))
if __name__ == '__main__':
main()
刷新 https://console.cloud.google.com/apis/credentials 上的客户端机密文件并删除令牌 pickle 文件夹