我跟着这个指南谷歌登录Android版:https://developers.google.com/identity/sign-in/android/sign-in的OAuth2 INVALID_TOKEN
我可以成功登录,但我不知道我是否应该使用作为访问令牌的getIdToken()
或getServerAuthCode()
。
我试图通过他们两个,一个在时间,https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=[access_token]但它总是返回:
{ “错误”: “INVALID_TOKEN”, “ERROR_DESCRIPTION”: “无效值”}
这里是我想是我的代码的相关部分:
// Configure sign-in to request the user's ID, email address, and basic
// profile. ID and basic profile are included in DEFAULT_SIGN_IN.
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestEmail()
.requestIdToken(getString(R.string.server_client_id))
.requestServerAuthCode(getString(R.string.server_client_id))
.requestScopes(new Scope(Scopes.EMAIL))
.requestScopes(new Scope(Scopes.PROFILE))
.build();
// Build a GoogleApiClient with access to the Google Sign-In API and the
// options specified by gso.
mGoogleApiClient = new GoogleApiClient.Builder(this)
.addApi(Auth.GOOGLE_SIGN_IN_API, gso)
.build();
private void handleSignInResult(GoogleSignInResult result) {
Log.d(TAG, "handleSignInResult:" + result.isSuccess());
if (result.isSuccess()) {
// Signed in successfully, show authenticated UI.
GoogleSignInAccount acct = result.getSignInAccount();
// I also tried String googleAccessToken = acct.getIdToken();
String googleAccessToken = acct.getServerAuthCode();
...
// Omitted code to make POST request to server
...
} else {
// Signed out, show unauthenticated UI.
}
我一直在谷歌上搜索了几个小时,但无济于事。谢谢。
编辑:
对不起,我想我错过了一步。我要去试试这个:developers.google.com/android/guides/http-auth然后再用GoogleAuthUtil.getToken()
你用什么的访问令牌?ID标记卡更加安全和后端高性能机制auth。如果需要后端访问资源,请使用授权码? –
ID令牌包含您可能使用访问令牌提取的所有信息:https://developers.google.c om/identity /登录/ android/backend-auth –
@StevenSoneff:我的应用程序正在使用的后端将不接受ID令牌。我得到它与访问令牌一起工作。我检查了后端的代码,并使用https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=[access_token]验证令牌。 – Decimal