Question

我尝试使用Google API .NET客户端库从我的ASP.NET网络服务器访问购买状态API，这是使用Purchase API v1.1的推荐方法。但是，此API的Authorization page建议直接向Google的OAuth2网页发送网页请求，而不是使用相应的客户端库。

好的，我尝试了两种方法，包括我能想象到的所有变化，并且它们都导致＆＃34;远程服务器返回错误：（400）错误请求。＆＃34;。

现在我做了什么来达到我的观点。首先，我已在“授权”页面的“创建API控制台项目”下完成了所有步骤1-8。接下来，我生成了刷新令牌，如此处所述。在刷新令牌生成期间，我选择了与用于发布我的Android应用程序相同的Google帐户（现在处于已发布的测试版状态）。

接下来，我已经在Visual Studio中为测试目的创建了一个控制台C＃应用程序（可能是控制台应用程序出了问题吗？）并尝试使用此代码调用Purchase API（在某些Google API示例中找到）：

private static void Main(string[] args) { var provider = new WebServerClient(GoogleAuthenticationServer.Description) { ClientIdentifier = "91....751.apps.googleusercontent.com", ClientSecret = "wRT0Kf_b....ow" }; var auth = new OAuth2Authenticator<WebServerClient>( provider, GetAuthorization); var service = new AndroidPublisherService( new BaseClientService.Initializer() { Authenticator = auth, ApplicationName = APP_NAME }); var request = service.Inapppurchases.Get( PACKAGE_NAME, PRODUCT_ID, PURCHASE_TOKEN); var purchaseState = request.Execute(); Console.WriteLine(JsonConvert.SerializeObject(purchaseState)); } private static IAuthorizationState GetAuthorization(WebServerClient client) { IAuthorizationState state = new AuthorizationState( new[] {"https://www.googleapis.com/auth/androidpublisher"}) { RefreshToken = "4/lWX1B3nU0_Ya....gAI" }; // below is my redirect URI which I used to get a refresh token // I tried with and without this statement state.Callback = new Uri("https://XXXXX.com/oauth2callback/"); client.RefreshToken(state); // <-- Here we have (400) Bad request return state; }

然后我尝试使用此代码获取访问令牌（我在此处找到了它：Google Calendar API - Bad Request (400) Trying To Swap Code For Access Token）：

public static string GetAccessToken() { var request = WebRequest.Create( "https://accounts.google.com/o/oauth2/token"); request.Method = "POST"; var postData = string.Format( @"code={0}&client_id={1}&client_secret={2}&redirect_uri={3}&grant_type=authorization_code", // refresh token I got from browser // also tried with Url encoded value // 4%2FlWX1B3nU0_Yax....gAI "4/lWX1B3nU0_Yax....gAI", // ClientID from Google APIs Console "919....1.apps.googleusercontent.com", // Client secret from Google APIs Console "wRT0Kf_bE....w", // redirect URI from Google APIs Console // also tried Url encoded value // https%3A%2F%2FXXXXX.com%2Foauth2callback%2F "https://XXXXX.com/oauth2callback/"); byte[] byteArray = Encoding.UTF8.GetBytes(postData); request.ContentType = "application/x-www-form-urlencoded"; request.ContentLength = byteArray.Length; using (var dataStream = request.GetRequestStream()) { dataStream.Write(byteArray, 0, byteArray.Length); dataStream.Close(); } try { // request.GetResponse() --> (400) Bad request again! using (var response = request.GetResponse()) { using (var dataStream = response.GetResponseStream()) { using (var reader = new StreamReader(dataStream)) { var responseFromServer = reader.ReadToEnd(); var jsonResponse = JsonConvert.DeserializeObject<OAuth2Response>(responseFromServer); return jsonResponse.access_token; } } } } catch (Exception ex) { var x = ex; } return null; }

所以，总结我所有的长篇故事：

是否可以使用上述任一方法从C＃控制台应用程序（无需用户交互）传递OAuth2授权？

我已经仔细检查了重定向URI（因为我在stackoverflow上看到了很多讨论的麻烦）以及ClientID和ClientSecret等其他参数。我在上面的代码中可能做错了什么？

我是否需要对刷新令牌中的斜杠进行URL编码（我看到使用客户端库的第一种方法是这样做的）？

实现我的最终目标的推荐方法是什么（从ASP.NET Web服务器购买API访问）？

Answer 1

我会尽力回答你的上一个问题。如果您访问自己的数据帐户，则无需在oAuth2中使用客户端ID。我们使用服务帐户访问Google Play API。

在Google Developer Console＆gt;中创建服务帐户Your project＆gt; APIs and auth＆gt; Credentials＆gt; Create a new key。您将下载一个p12键。
创建一个C＃项目。您可以选择控制台应用程序
从Google.Apis.androidpublisher. Nuget安装google play api库。您可以在Google APIs Client Library for .NET
在API访问中将google api项目与您的Google Play帐户相关联

验证并尝试查询信息。我将尝试列出所有inapp项目。您只需更改即可获得购买状态

String serviceAccountEmail = "your-mail-in-developer-console@developer.gserviceaccount.com";

    var certificate = new X509Certificate2(@"physical-path-to-your-key\key.p12", "notasecret", X509KeyStorageFlags.Exportable);

    ServiceAccountCredential credential = new ServiceAccountCredential(
       new ServiceAccountCredential.Initializer(serviceAccountEmail)
       {
           Scopes = new[] { "https://www.googleapis.com/auth/androidpublisher" }
       }.FromCertificate(certificate));


    var service = new AndroidPublisherService(
   new BaseClientService.Initializer()
   {
       HttpClientInitializer = credential,
       ApplicationName = "GooglePlay API Sample",
   });
// try catch this function because if you input wrong params ( wrong token) google will return error.
    var request = service.Inappproducts.List("your-package-name");
    var purchaseState = request.Execute();

   // var request = service.Purchases.Products.Get(
   //"your-package-name", "your-inapp-item-id", "purchase-token"); get purchase'status



    Console.WriteLine(JsonConvert.SerializeObject(purchaseState));

Answer 2

你应该在你的身上做到以下几点 private static IAuthorizationState GetAuthorization（WebServerClient client）方法：

        private IAuthorizationState GetAuthorization(WebServerClient client)
        {
            IAuthorizationState state = AuthState;
            if (state != null)
            {
                return state;
            }

            state = new AuthorizationState()
            {
                RefreshToken = "4/lWX1B3nU0_Ya....gAI",
                Callback = new Uri(@"https://XXXXX.com/oauth2callback/")
            };
            client.RefreshToken(state);

            // Store and return the credentials.
            HttpContext.Current.Session["AUTH_STATE"] = _state = state;
            return state;
        }

让我知道它是否适合你。
请注意，我们知道整个OAuth2流程今天很尴尬，我们正在努力改进它。

来自C＃/。NET服务的Google Play Android Developer API - （400）错误请求

2 个答案: