根据这个文档,接收 OAuth 访问令牌的过程很简单。我想查看准备好接受 OAuth 2.0 访问令牌的所有可用 API 端点的列表。但是对于我目前的需求,我想以某种方式接收username和email使用 OAuth 2.0 访问令牌的用户。
例如,我可以成功接收来自此端点的数据:
https://www.google.com/m8/feeds/contacts/default/full
但无法从该端点接收数据:
https://www.googleapis.com/userinfo/email
我尝试了基于标头和基于查询字符串的方法来传递单个访问令牌。这是我尝试过的标题:
Authorization: OAuth My_ACCESS_TOKEN
而且我什至尝试了 OAuth 1.0 版本的 Authorization 标头,但是……例如,在 OAuth 2.0 中,我们没有秘密访问令牌。Google 在他的 OAuth 2.0 实施中使用不记名令牌,因此不需要额外的凭据。
有人使用 Google OAuth 2.0 成功接收了用户名和电子邮件吗?
我找到了我正在寻找的答案。我必须将 PHP 转换为 MVC,但非常简单:
http://codecri.me/case/430/get-a-users-google-email-address-via-oauth2-in-php/
我的 MVCLogin沙箱代码如下所示。(使用 JSON.Net http://json.codeplex.com/)
public ActionResult Login()
{
string url = "https://accounts.google.com/o/oauth2/auth?";
url += "client_id=<google-clientid>";
url += "&redirect_uri=" +
// Development Server :P
HttpUtility.UrlEncode("http://localhost:61857/Account/OAuthVerify");
url += "&scope=";
url += HttpUtility.UrlEncode("http://www.google.com/calendar/feeds/ ");
url += HttpUtility.UrlEncode("http://www.google.com/m8/feeds/ ");
url += HttpUtility.UrlEncode("http://docs.google.com/feeds/ ");
url += HttpUtility.UrlEncode("https://mail.google.com/mail/feed/atom ");
url += HttpUtility.UrlEncode("https://www.googleapis.com/auth/userinfo.email ");
url += HttpUtility.UrlEncode("https://www.googleapis.com/auth/userinfo.profile ");
url += "&response_type=code";
return new RedirectResult(url);
}
返回的code是来自用户的token证明Authorization,然后需要将其转化为Authentication(accessToken)才能访问资源。我的 MVCOAuthVerify然后看起来像:
public ActionResult AgentVerify(string code)
{
JObject json;
if (!string.IsNullOrWhiteSpace(code))
{
NameValueCollection postData = new NameValueCollection();
postData.Add("code", code);
postData.Add("client_id", "<google-clientid>");
postData.Add("client_secret", "<google-client-secret>");
postData.Add("redirect_uri", "http://localhost:61857/Account/OAuthVerify");
postData.Add("grant_type", "authorization_code");
try
{
json = JObject.Parse(
HttpClient.PostUrl(
new Uri("https://accounts.google.com/o/oauth2/token"), postData));
string accessToken = json["access_token"].ToString();
string refreshToken = json["refresh_token"].ToString();
bool isBearer =
string.Compare(json["token_type"].ToString(),
"Bearer",
true,
CultureInfo.CurrentCulture) == 0;
if (isBearer)
{
json = JObject.Parse(
HttpClient.GetUrl(
new Uri("https://www.googleapis.com/oauth2/v1/userinfo?alt=json"),
accessToken));
string userEmail = json["email"].ToString();
}
return View("LoginGood");
}
catch (Exception ex)
{
ErrorSignal.FromCurrentContext().Raise(ex); //ELMAH
}
}
return View("LoginBad");
}
为了完成所有工作,我包含了我创建的 HttpClient 实用程序,以防万一有人需要它。
public class HttpClient
{
public static string GetUrl(Uri url, string OAuth)
{
string result = string.Empty;
using (WebClient httpClient = new WebClient())
{
httpClient.Headers.Add("Authorization","OAuth " + OAuth);
result = httpClient.DownloadString(url.AbsoluteUri);
}
return result;
}
public static string PostUrl(Uri url, NameValueCollection formData)
{
string result = string.Empty;
using (WebClient httpClient = new WebClient())
{
byte[] bytes = httpClient.UploadValues(url.AbsoluteUri, "POST", formData);
result = Encoding.UTF8.GetString(bytes);
}
return result;
}
}
同样,这是测试代码,只是为了让它发挥作用,我不建议在生产环境中按原样使用。
试试这个:
curl -k https://www.googleapis.com/userinfo/email -H“授权:OAuth 1/g5_039aCIAfEBuL7OCyB31n1URYU5tUIDudiWKuxN1o”
输出:email=name@gmail.com&isVerified=tru