Google OAuth: The redirect URI in the request did not match a registered redirect URI

I am trying to make an upload to YouTube from my Java-based web app. I spent a few days trying to understand what and where the problem is and I cannot get it; for now I am pulling my hair out of my head.

I registered my web app in Google Console, so I got a pair of Client ID and Secret and a possibility to download JSON type file with my config.

So here is the config:

{
    "web":{
        "auth_uri":"https://accounts.google.com/o/oauth2/auth",
        "client_secret":"***",
        "token_uri":"https://accounts.google.com/o/oauth2/token",
        "client_email":"***",
        "redirect_uris":["http://localhost:8080/WEBAPP/youtube-callback.html","http://www.WEBAPP.md/youtube-callback.html"],
        "client_x509_cert_url":"***",
        "client_id":"***",
        "auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs",
        "javascript_origins":["http://www.WEBAPP.md/"]
    }
}

How is it possible that I am getting the default URL from Google?

The redirect URI in the request: http://localhost:8080/Callback did not match a registered redirect URI

It always gives me the default http://localhost:8080/Callback URL instead of mine.

And IDE console shows me that:

Please open the following address in your browser:
https://accounts.google.com/o/oauth2/auth?client_id=***&redirect_uri=http://localhost:8080/Callback&response_type=code&scope=https://www.googleapis.com/auth/youtube.upload
Attempting to open that address in the default browser now...

I am using the last version of dependencies: google-api-services-youtube v3-rev99-1.17.0-rc and google-api-services-youtubeAnalytics v1-rev35-1.17.0-rc

Recommended answer

When your browser redirects the user to Google's oAuth page, are you passing as a parameter the redirect URI you want Google's server to return to with the token response? Setting a redirect URI in the console is not a way of telling Google where to go when a login attempt comes in, but rather it's a way of telling Google what the allowed redirect URIs are (so if someone else writes a web app with your client ID but a different redirect URI it will be disallowed); your web app should, when someone clicks the "login" button, send the browser to:

https://accounts.google.com/o/oauth2/auth?client_id=XXXXX&redirect_uri=http://localhost:8080/WEBAPP/youtube-callback.html&response_type=code&scope=https://www.googleapis.com/auth/youtube.upload

(the callback URI passed as a parameter must be url-encoded, btw).

When Google's server gets authorization from the user, then, it'll redirect the browser to whatever you sent in as the redirect_uri. It'll include in that request the token as a parameter, so your callback page can then validate the token, get an access token, and move on to the other parts of your app.

If you visit:

http://code.google.com/p/google-api-java-client/wiki/OAuth2#Authorization_Code_Flow

You can see better samples of the java client there, demonstrating that you have to override the getRedirectUri method to specify your callback path so the default isn't used.

The redirect URIs are in the client_secrets.json file for multiple reasons ... one big one is so that the oAuth flow can verify that the redirect your app specifies matches what your app allows.

If you visit https://developers.google.com/api-client-library/java/apis/youtube/v3 you can generate a sample application for yourself that's based directly off your app in the console, in which (again) the getRedirectUri method is overwritten to use your specific callbacks.
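
An added example, not part of the original answer and not code from Google's client library: it builds the authorization URL from the answer with a URL-encoded redirect_uri and first checks that value against the redirect_uris list from the question's config. The class and method names are hypothetical, and the exact string comparison is an assumption about how the server matches, based on the error message in the question.

```java
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.List;

public class RedirectUriCheck {
    // redirect_uris copied from the client_secrets.json shown in the question.
    static final List<String> REGISTERED = List.of(
        "http://localhost:8080/WEBAPP/youtube-callback.html",
        "http://www.WEBAPP.md/youtube-callback.html");

    // Assumption: the authorization server accepts a redirect_uri only if it
    // equals a registered entry exactly (scheme, host, port and path).
    static boolean isRegistered(String redirectUri) {
        return REGISTERED.contains(redirectUri);
    }

    static String enc(String value) {
        return URLEncoder.encode(value, StandardCharsets.UTF_8);
    }

    // Builds the URL the browser is sent to when the user clicks "login".
    // Fails locally instead of letting the server reject the request.
    static String authorizationUrl(String clientId, String redirectUri, String scope) {
        if (!isRegistered(redirectUri)) {
            throw new IllegalArgumentException(
                "redirect_uri is not in redirect_uris: " + redirectUri);
        }
        return "https://accounts.google.com/o/oauth2/auth"
            + "?client_id=" + enc(clientId)
            + "&redirect_uri=" + enc(redirectUri)   // must be URL-encoded
            + "&response_type=code"
            + "&scope=" + enc(scope);
    }

    public static void main(String[] args) {
        String scope = "https://www.googleapis.com/auth/youtube.upload";
        // Registered callback: prints the encoded authorization URL.
        System.out.println(authorizationUrl("XXXXX", REGISTERED.get(0), scope));
        // The library default from the question's error message is refused.
        try {
            authorizationUrl("XXXXX", "http://localhost:8080/Callback", scope);
        } catch (IllegalArgumentException e) {
            System.out.println(e.getMessage());
        }
    }
}
```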
