6

使用谷歌 oauth2 游乐场:https ://developers.google.com/oauthplayground/ 关注: https : //developers.google.com/accounts/docs/OAuth2WebServer#offline

任何人为什么我收到无效请求?

POST /o/oauth2/token HTTP/1.1
Host: accounts.google.com
Content-length: 209
Content-type: application/x-www-form-urlencoded
Authorization: OAuth ya29.XXXXXXXX

client_id=XXXXXXXXX&
client_secret=XXXXXXXXX&
refresh_token=1/0ffkj5lggn8XXXXXXXXX&
grant_type=refresh_token

HTTP/1.1 400 Bad Request
Content-length: 33
X-xss-protection: 1; mode=block
X-content-type-options: nosniff
X-google-cache-control: remote-fetch
-content-encoding: gzip
Server: GSE
Reason: Bad Request
Via: HTTP/1.1 GWA
Pragma: no-cache
Cache-control: no-cache, no-store, max-age=0, must-revalidate
Date: Thu, 11 Oct 2012 21:29:55 GMT
X-frame-options: SAMEORIGIN
Content-type: application/json
Expires: Fri, 01 Jan 1990 00:00:00 GMT

{
  "error" : "invalid_request"
}
4

1 回答 1

1

如果您得到 400 是因为您添加了无效参数或缺少参数。

编辑:

我相信从给定的数据有一个额外的标题授权。仅当在标头中传递 access_token 时才在 oauth2 中使用,以进行经过身份验证的调用

Authorization : Bearer XXXXXXXXXXXXXXXX

在刷新 access_token 时,无需在标头中提供相同的内容。

https://developers.google.com/accounts/docs/OAuth2InstalledApp#refresh

于 2013-06-26T17:41:15.933 回答