发送http post请求从auth代码获取令牌时400 Bad Request?

时间:2013-11-26 14:36:40

标签: oauth-2.0 google-oauth

我正在尝试访问accounts.google.com以使用HTTP post请求从授权代码中获取令牌。

    var searchurl = "https://accounts.google.com/o/oauth2/token";

    $.ajax({
        dataType: "json",
        url:searchurl,
        data: {code:auth_code, client_id:'client_id', client_secret:'secret', redirect_uri:'http%3A%2F%2Flocalhost:8085%2FGmailIntegration%2FgetAuthResponse1.jsp', grant_type:'authorization_code'},
        type:"Post",
        contentType:"application/x-www-form-urlencoded",
        success:function(data) {
            alert(data);
        },
        error: function(jqXHR, exception) {
            console.log(jqXHR);

        }
    });

错误:

"NetworkError: 400 Bad Request - https://accounts.google.com/o/oauth2/token?
 code=4/PlKII3f0vsPUhl1QNIUXkiIhlfGA.sq9lFf-oCiIcXE-sT2ZLcbRFnpEphQI&client_id={clientid}   
 &client_secret={secret}&redirect_uri=https://oauth2-login-
 demo.appspot.com/code&grant_type=authorization_code"

请求:

Response Headers
Alternate-Protocol  443:quic
Cache-Control   no-cache, no-store, max-age=0, must-revalidate
Content-Encoding    gzip
Content-Type    application/json
Date    Tue, 26 Nov 2013 14:20:56 GMT
Expires Fri, 01 Jan 1990 00:00:00 GMT
Pragma  no-cache
Server  GSE
X-Firefox-Spdy  3
X-Frame-Options SAMEORIGIN
X-XSS-Protection    1; mode=block
x-content-type-options  nosniff

Request Header:
Accept  application/json, text/javascript, */*; q=0.01
Accept-Encoding gzip, deflate
Accept-Language en-US,en;q=0.5
Cache-Control   no-cache
Connection  keep-alive
Content-Length  0
Content-Type    application/x-www-form-urlencoded
Host    accounts.google.com
Origin  http://localhost:8085
Pragma  no-cache

这是我正在使用的文件: 在Web服务器接收到授权代码之后,它可以交换访问令牌和刷新令牌的授权代码。此请求是HTTPs帖子,包括以下参数:

字段描述 代码初始请求返回的授权代码 client_id应用程序注册期间获取的client_id client_secret应用程序注册期间获取的客户机密钥 redirect_uri在应用程序中注册的URI grant_type如OAuth 2.0规范中所定义,此字段必须包含authorization_code值 实际请求可能如下所示:

POST /o/oauth2/token HTTP/1.1
Host: accounts.google.com
Content-Type: application/x-www-form-urlencoded

code=4/P7q7W91a-oMsCeLvIaQm6bTrgtp7&
client_id=8819981768.apps.googleusercontent.com&
client_secret={client_secret}&
redirect_uri=https://oauth2-login-demo.appspot.com/code&
grant_type=authorization_code

对此请求的成功回复包含以下字段:

Field   Description
access_token    The token that can be sent to a Google API
refresh_token   A token that may be used to obtain a new access token. Refresh tokens are valid until the user revokes access. This field is only present if access_type=offline is included in the authorization code request.
expires_in  The remaining lifetime on the access token
token_type  Indicates the type of token returned. At this time, this field will always have the value Bearer

1 个答案:

答案 0 :(得分:5)

我有这个工作..我正在为那些坚持这个的人分享代码:

$.ajax({
        dataType: "json",
        url:searchurl,
        data: {code:code, client_id:'clientid', client_secret:'secret', redirect_uri:'http://localhost:8085/GmailIntegration/getAuthResponse.jsp', grant_type:'authorization_code'},
        type:"POST",
        contentType:"application/x-www-form-urlencoded; charset=utf-8",
        crossDomain:true,
        cache : true, 
        success:function(data) {
            alert(data);
        },
        error: function(jqXHR, exception, errorstr) {
            console.log(jqXHR);
            alert(errorstr);
        }
    });

但现在我有了新问题。网址得到200 OK响应,但我没有收到回复

enter image description here

相关问题
最新问题