使用谷歌oauth2游乐场:https://developers.google.com/oauthplayground/ 随后:https://developers.google.com/accounts/docs/OAuth2WebServer#offline
为什么我收到无效请求?
POST /o/oauth2/token HTTP/1.1
Host: accounts.google.com
Content-length: 209
Content-type: application/x-www-form-urlencoded
Authorization: OAuth ya29.XXXXXXXX
client_id=XXXXXXXXX&
client_secret=XXXXXXXXX&
refresh_token=1/0ffkj5lggn8XXXXXXXXX&
grant_type=refresh_token
HTTP/1.1 400 Bad Request
Content-length: 33
X-xss-protection: 1; mode=block
X-content-type-options: nosniff
X-google-cache-control: remote-fetch
-content-encoding: gzip
Server: GSE
Reason: Bad Request
Via: HTTP/1.1 GWA
Pragma: no-cache
Cache-control: no-cache, no-store, max-age=0, must-revalidate
Date: Thu, 11 Oct 2012 21:29:55 GMT
X-frame-options: SAMEORIGIN
Content-type: application/json
Expires: Fri, 01 Jan 1990 00:00:00 GMT
{
"error" : "invalid_request"
}
答案 0 :(得分:1)
如果您获得400,则是因为您要添加无效参数或缺少参数。
编辑:
我相信从给定的数据中有一个额外的标题授权。仅当在标头中传递access_token时才在oauth2中使用它来进行经过身份验证的调用
Authorization : Bearer XXXXXXXXXXXXXXXX
https://developers.google.com/accounts/docs/OAuth2InstalledApp#refresh