5

我使用 Google Cloud Endpoints 定义了一个简单的 API:

@Api(name = "realestate", version = "v1", clientIds = { com.google.api.server.spi.Constant.API_EXPLORER_CLIENT_ID }, scopes = {
        "https://www.googleapis.com/auth/userinfo.email",
        "https://www.googleapis.com/auth/userinfo.profile" })
public class RealEstatePropertyV1 {

    @ApiMethod(name = "create", path = "properties", httpMethod = HttpMethod.POST)
    public void create(RealEstateProperty property, User user)
            throws UnauthorizedException {
        if (user == null) {
            throw new UnauthorizedException("Must log in");
        }
        System.out.println(user.getEmail());
    }

}

然后我尝试使用API explorer. 我激活了 OAuth 2.0。但是当我执行请求时,User对象是null.

Jun 23, 2013 10:21:50 AM com.google.appengine.tools.development.DevAppServerImpl start
INFO: Dev App Server is now running
Jun 23, 2013 10:22:42 AM com.google.api.server.spi.SystemServiceServlet init
INFO: SPI restricted: true
Jun 23, 2013 10:22:43 AM com.google.api.server.spi.WebApisUserService getCurrentUser
WARNING: getCurrentUser: clientId  not allowed
Jun 23, 2013 10:22:43 AM com.google.api.server.spi.SystemService invokeServiceMethod
INFO: cause={0}
com.google.api.server.spi.response.UnauthorizedException: Must log in
    at com.realestate.api.v1.RealEstatePropertyV1.create(RealEstatePropertyV1.java:44)
4

1 回答 1

2

该消息getCurrentUser: clientId not allowed表明与令牌关联的客户端 ID 是空字符串。这似乎不可能,可能是一个奇怪的错误/怪癖。

您应该检查请求中发送的令牌,它将Request位于类似的部分中

GET https://www.googleapis.com/oauth2/v2/userinfo?key={YOUR_API_KEY}

Authorization:  Bearer ya29....
X-JavaScript-User-Agent:  Google APIs Explorer

并且您的令牌是以 . 开头的令牌ya29.。您应该通过将令牌信息发送到 tokeninfo API 来确保它被签出:

https://developers.google.com/apis-explorer/#p/oauth2/v2/oauth2.tokeninfo
于 2013-06-23T16:52:09.000 回答