4

我正在尝试这样做:

https://developers.google.com/identity/sign-in/web/backend-auth#calling-the-tokeninfo-endpoint

我使用我的 CLIENT_ID 复制粘贴了示例中的 Java 代码,但除了用户 ID、电子邮件和已验证的电子邮件之外,我无法获得更多信息。idTokenString 验证 OK。其他人有这个工作吗?

我在 OAuth 2.0 Playground 中询问了这些:

https://www.googleapis.com/auth/plus.login

https://www.googleapis.com/auth/plus.me

https://www.googleapis.com/auth/userinfo.email

https://www.googleapis.com/auth/userinfo.profile

https://www.googleapis.com/auth/plus.moments.write

https://www.googleapis.com/auth/plus.profile.agerange.read

https://www.googleapis.com/auth/plus.profile.language.read

https://www.googleapis.com/auth/plus.circles.members.read

我猜 user.profile 是我只需要的?

这是我的代码:

GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory)
                .setAudience(Arrays.asList(CLIENT_ID))
                .setIssuer("accounts.google.com")
                .build();

        GoogleIdToken idToken = verifier.verify(idTokenString);
        System.out.println("SUCCESS!");
        System.out.println(idToken);

        if (idToken != null) {
            GoogleIdToken.Payload payload = idToken.getPayload();

            // Print user identifier
            String userId = payload.getSubject();
            System.out.println("User ID: " + userId);

            // Get profile information from payload
            String email = payload.getEmail();
            boolean emailVerified = payload.getEmailVerified();
            String name = (String) payload.get("name");
            String pictureUrl = (String) payload.get("picture");
            String locale = (String) payload.get("locale");
            String familyName = (String) payload.get("family_name");
            String givenName = (String) payload.get("given_name");

            // Use or store profile information
            // ...
            System.out.println(email);
            System.out.println(emailVerified);
            System.out.println(name);
            System.out.println(pictureUrl);
            System.out.println(locale);
            System.out.println(familyName);
            System.out.println(givenName);


        } else {
            System.out.println("Invalid ID token.");
        }
    } catch (GeneralSecurityException | IOException e) {

        System.out.println("ERRRRO! Invalid ID token.");
    }

使用:java-api-client 1.20.0

4

1 回答 1

3

我今天使用时遇到了同样的问题com.google.api-client:google-api-client:1.22.0

但我能够解决它。

问题

当试图从 OAuth2 游乐场获取 id 令牌时,我注意到有这个请求

POST /oauth2/v4/token HTTP/1.1 Host: www.googleapis.com

谷歌库已经硬编码TOKEN_SERVER_URLGoogleOAuthConstants价值https://accounts.google.com/o/oauth2/token

使固定

为了解决这个问题,我创建了以下课程

public class GoogleAuthorizationCodeTokenV4Request extends GoogleAuthorizationCodeTokenRequest {


    public GoogleAuthorizationCodeTokenV4Request(HttpTransport transport, JsonFactory jsonFactory, String clientId, String
            clientSecret, String code, String redirectUri) {
        super(transport, jsonFactory, "https://www.googleapis.com/oauth2/v4/token", clientId, clientSecret,
            code, redirectUri);
    }
}

然后只是调用它而不是原来的GoogleAuthorizationCodeTokenRequest

return new GoogleAuthorizationCodeTokenV4Request(new NetHttpTransport(), JacksonFactory.getDefaultInstance(),
                clientId, secret, authToken, callBack)
                .execute();

profile范围内的所有信息(图片、名称等)都在id_token

于 2017-02-20T13:45:30.487 回答