尝试使用JWT以及Java Auth客户端API调用获取访问令牌但未成功。
使用下面的Java客户端API代码,我得到了Exception" java.net.SocketTimeoutException:connect timed out"。
GoogleCredential credential = new GoogleCredential.Builder()
.setTransport(HTTP_TRANSPORT)
.setJsonFactory(JSON_FACTORY)
.setServiceAccountId("@developer.gserviceaccount.com")
.setServiceAccountPrivateKeyFromP12File(new File("<publickey>-privatekey.p12"))
.setServiceAccountScopes("https://www.googleapis.com/auth/devstorage.full_control")
.build();
credential.refreshToken();
System.out.println("access token : " + credential.getAccessToken());
System.out.println("refresh token : " + credential.getRefreshToken());
如果我们删除对&#34; credential.refreshtoken()&#34;的调用,则返回空访问密钥和刷新密钥。有人可以指导我,告诉我哪里出错了吗?
同样使用直接JWT令牌进行身份验证,如下所示,我得到回复&#34; {&#34;错误&#34; :&#34; invalid_grant&#34;}&#34;错误代码400:
private static PrivateKey getPrivateKey(String keyFile, String alias, String password)
throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException
{
KeyStore keystore = KeyStore.getInstance("PKCS12");
keystore.load(new FileInputStream(keyFile), password.toCharArray());
PrivateKey privateKey = (PrivateKey) keystore.getKey(alias, password.toCharArray());
return privateKey;
}
public static String sign(PrivateKey privateKey, JsonFactory jsonFactory,
String header, String payload) throws Exception {
System.out.println("header : " + header + " : " + Base64.encodeBase64URLSafeString(header.getBytes()));
System.out.println("payload : " + payload + " : " + Base64.encodeBase64URLSafeString(payload.getBytes()));
String content = Base64.encodeBase64URLSafeString(header.getBytes()) + "."
+ Base64.encodeBase64URLSafeString(payload.getBytes());
byte[] contentBytes = StringUtils.getBytesUtf8(content);
Signature signer = Signature.getInstance("SHA256withRSA");
signer.initSign(privateKey);
signer.update(contentBytes);
byte[] signature = signer.sign();
String signedContent = content + "." + Base64.encodeBase64URLSafeString(signature);
System.out.println("signedContent:" + signedContent);
return signedContent;
}
public static void main(String args[]) {
HttpTransport HTTP_TRANSPORT = new NetHttpTransport();
JsonFactory JSON_FACTORY = new JacksonFactory();
String header = "{\"alg\":\"RS256\",\"typ\":\"JWT\"} ";
String payload = "{\"iss\":\"*******@developer.gserviceaccount.com\",\"scope\":\"https://www.googleapis.com/auth/devstorage.full_control\",\"aud\":\"https://accounts.google.com/o/oauth2/token\",\"exp\": " + new Date().getTime() + ",\"iat\":" + (new Date().getTime() + 3600000) + "}";
PrivateKey serviceAccountPrivateKey = getPrivateKey("<public_key>-privatekey.p12", "privatekey", "notasecret");
String assertion = sign(serviceAccountPrivateKey, JSON_FACTORY, header, payload);
}
稍后将此断言传递给API&#34; https://accounts.google.com/o/oauth2/token&#34;使用这个生成的断言和授权类型&#34; urn:ietf:params:oauth:grant-type:jwt-bearer&#34; ,给出回应&#34; {&#34;错误&#34; :&#34; invalid_grant&#34;}&#34;错误代码400。
有人可以帮助我并建议我哪里出错吗?
答案 0 :(得分:0)
您可以试试google-api-java-client支持小组。 https://groups.google.com/forum/#!forum/google-api-java-client