Question

我遇到了为google任务验证用户身份的问题。

首先，它会对用户进行身份验证并完成最佳操作。但是在第二次旅行中它会引发错误。

Signet::AuthorizationError - Authorization failed.  Server message:
{
  "error" : "invalid_grant"
}:

以下是代码：

def api_client code=""
  @client ||= (begin
      client = Google::APIClient.new
      client.authorization.client_id = settings.credentials["client_id"]
      client.authorization.client_secret = settings.credentials["client_secret"]
      client.authorization.scope = settings.credentials["scope"]
      client.authorization.access_token = "" #settings.credentials["access_token"]
      client.authorization.redirect_uri = to('/callbackfunction')
      client.authorization.code = code
      client
    end)
end

get '/callbackfunction' do
  code = params[:code]
  c = api_client code
  c.authorization.fetch_access_token!
  result = c.execute("tasks.tasklists.list",{"UserId"=>"me"})
  unless result.response.status == 401
    p "#{JSON.parse(result.body)}"
  else
    redirect ("/oauth2authorize")
  end
end

get '/oauth2authorize' do
  redirect api_client.authorization.authorization_uri.to_s, 303
end

执行第二次请求有什么问题？

更新：这是用户同意的链接和参数。

https://accounts.google.com/o/oauth2/auth?
access_type=offline&
approval_prompt=force&
client_id=somevalue&
redirect_uri=http://localhost:4567/oauth2callback&
response_type=code&
scope=https://www.googleapis.com/auth/tasks

Answer 1

问题已解决。

解决方案：

在回调函数中，通过用户同意提供的代码接收的令牌存储在数据库中。

然后在其他函数中，只需从数据库中检索这些令牌，然后使用它来处理任何你想要的谷歌任务API。

get '/callbackfunction' do
  code = params[:code]
  c = api_client code
  c.authorization.fetch_access_token!
  # store the tokens in the database.
end

get '/tasklists' do
  # Retrieve the codes from the database and create a client
  result = client.execute("tasks.tasklists.list",{"UserId"=>"me"})
  unless result.response.status == 401
    p "#{JSON.parse(result.body)}"
  else
    redirect "/oauth2authorize"
  end
end

Answer 2

我正在使用rails，我只将令牌存储在DB中。然后使用脚本我在调用execute之前设置新客户端，以下是代码。

client = Google::APIClient.new(:application_name => 'my-app', :application_version => '1.0')
client.authorization.scope = 'https://www.googleapis.com/auth/analytics.readonly'
client.authorization.client_id = Settings.ga.app_key
client.authorization.client_secret = Settings.ga.app_secret
client.authorization.access_token = auth.token
client.authorization.refresh_token = true
client.authorization.update_token!({access_token: auth.token})

client.authorization.fetch_access_token!

if client.authorization.refresh_token && client.authorization.expired?
    client.authorization.fetch_access_token!
end

puts "Getting accounts list..."

result = client.execute(:api_method => analytics.management.accounts.list)
puts " ===========> #{result.inspect}"
items = JSON.parse(result.response.body)['items']

但是，它会给你带来同样的错误，

    /signet-0.4.5/lib/signet/oauth_2/client.rb:875:in `fetch_access_token': Authorization  failed.  Server message: (Signet::AuthorizationError)
{
  "error" : "invalid_grant"
}
    from /signet-0.4.5/lib/signet/oauth_2/client.rb:888:in `fetch_access_token!'

请说明为什么它无法使用给定的令牌？我使用过oauth2，因此用户已获得授权。现在我想访问api并获取数据......

=================== 更新 =================== < / p>

好的，有两个问题，

权限将添加到devise.rb，

config.omniauth :google_oauth2, Settings.ga.app_key,Settings.ga.app_secret,{ 
  access_type: "offline", 
  approval_prompt: "" ,
  :scope => "userinfo.email, userinfo.profile, plus.me, analytics.readonly"

}

必须将refresh_token传递给API调用，否则无法授权。

我希望这有助于某人，面对类似的问题。

Google任务API身份验证问题ruby

2 个答案: