无法使用oauth1执行Google UpgradableAPI

时间:2014-08-25 02:30:03

标签: google-app-engine oauth google-oauth marketplace

我们的问题已经解决,请向下滚动以查看我们的原始问题。

所以这是完整的工作代码,我将其包装在方法中 (System.in用于输入访问令牌,因此您不必像我一样在浏览器中反复登录):

public static void executeUpgradableApi() throws IOException {
    OAuthHmacSigner signer = new OAuthHmacSigner();
    signer.clientSharedSecret = CONSUMER_SECRET;

    System.out.println("Please input the access token in the console and press Enter. If you don't have access token, press Enter directly.");
    InputStreamReader isr = new InputStreamReader(System.in);
    BufferedReader br = new BufferedReader(isr);
    String accessToken = br.readLine();

    if (accessToken == null || accessToken.trim().length() == 0) {
        // Get Temporary Token
        String scopes = URLEncoder.encode("https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile", "UTF-8");
        OAuthGetTemporaryToken getTemporaryToken = new OAuthGetTemporaryToken("https://www.google.com/accounts/OAuthGetRequestToken?scope=" + scopes);
        getTemporaryToken.signer = signer;
        getTemporaryToken.consumerKey = CONSUMER_KEY;
        getTemporaryToken.transport = new NetHttpTransport();
        getTemporaryToken.callback = "http://localhost:8888/";
        OAuthCredentialsResponse temporaryTokenResponse = getTemporaryToken.execute();

        // Build Authenticate URL
        OAuthAuthorizeTemporaryTokenUrl accessTempToken = new OAuthAuthorizeTemporaryTokenUrl("https://www.google.com/accounts/OAuthAuthorizeToken");
        accessTempToken.temporaryToken = temporaryTokenResponse.token;
        String authUrl = accessTempToken.build();

        // Redirect to Authenticate URL in order to get Verifier Code
        System.out.println("Please open this url in browser and authorize the request: " + authUrl);

        String verifierCode = br.readLine();
        System.out.println("Continue with verifier code [" + verifierCode + "], request token=[" + temporaryTokenResponse.token + "]");

        // Get Access Token using Temporary token and Verifier Code
        OAuthGetAccessToken getAccessToken = new OAuthGetAccessToken("https://www.google.com/accounts/OAuthGetAccessToken");
        signer.tokenSharedSecret = temporaryTokenResponse.tokenSecret;
        getAccessToken.signer = signer;
        getAccessToken.temporaryToken=temporaryTokenResponse.token;
        getAccessToken.transport = new NetHttpTransport();
        getAccessToken.verifier= verifierCode;
        getAccessToken.consumerKey = CONSUMER_KEY;
        OAuthCredentialsResponse accessTokenResponse = getAccessToken.execute();

        accessToken = accessTokenResponse.token;
    }
    System.out.println("accessToken:[" + accessToken + "]");
    // Build OAuthParameters in order to use them while accessing the resource
    OAuthParameters oauthParameters = new OAuthParameters();
    oauthParameters.signer = signer;
    oauthParameters.consumerKey = CONSUMER_KEY;
    oauthParameters.token = accessToken;
    oauthParameters.version = "1.0";

    // Use OAuthParameters to access the desired Resource URL
    HttpRequestFactory requestFactory = new NetHttpTransport().createRequestFactory(oauthParameters);
    // GenericUrl genericUrl = new GenericUrl("https://www.googleapis.com/appsmarket/v2/upgradableApp");
    GenericUrl genericUrl = new GenericUrl(API_ENDPOINT);
    HttpContent content = new EmptyContent();
    HttpResponse response = requestFactory.buildPutRequest(genericUrl, content).setLoggingEnabled(true).execute();
    System.out.println(response.parseAsString());
}

======================== 这是旧问题: ========== ==============

我们在谷歌市场上有一个oauth1应用程序,我们希望最近使用google UpgradableAPI将其升级到oauth2。但是,获取访问令牌时,我总是会收到signature_invalid错误。我现在被困在这里了。 oauth1游乐场似乎也被删除了,所以我无法调试。

要使用oauth1执行UpgradableAPI,我在stackoverflow中找到了一些示例代码,并进行了一些更改。我在下面发布了它,请帮助检查代码中是否有任何错误或遗漏。非常感谢。

    OAuthHmacSigner signer = new OAuthHmacSigner();
    // Get request Token
    OAuthGetTemporaryToken getTemporaryToken = new OAuthGetTemporaryToken("https://www.google.com/accounts/OAuthGetRequestToken?scope=https://www.googleapis.com/auth/userinfo.email");
    signer.clientSharedSecret = CONSUMER_SECRET;
    getTemporaryToken.signer = signer;
    getTemporaryToken.consumerKey = CONSUMER_KEY;
    getTemporaryToken.transport = new NetHttpTransport();
    getTemporaryToken.callback = "http://aaa.aaa.com/aaa"; // A fake url here, just to get verifier code
    OAuthCredentialsResponse temporaryTokenResponse = getTemporaryToken.execute();

    // Build Authenticate URL
    OAuthAuthorizeTemporaryTokenUrl accessTempToken = new OAuthAuthorizeTemporaryTokenUrl("https://www.google.com/accounts/OAuthAuthorizeToken");
    accessTempToken.temporaryToken = temporaryTokenResponse.token;
    String authUrl = accessTempToken.build();

    // Redirect to Authenticate URL in order to get Verifier Code
    System.out.println(authUrl);

    // Open the link in browser and get verifier code from the callback url.

    InputStreamReader isr = new InputStreamReader(System.in);
    BufferedReader br = new BufferedReader(isr);
    String verifierCode = br.readLine();
    System.out.println("Continue with verifier code [" + verifierCode + "]");

    // Get Access Token using Temporary token and Verifier Code
    OAuthGetAccessToken getAccessToken = new OAuthGetAccessToken("https://www.google.com/accounts/OAuthGetAccessToken");
    getAccessToken.signer = signer;
    getAccessToken.temporaryToken=temporaryTokenResponse.token;
    getAccessToken.transport = new NetHttpTransport();
    getAccessToken.verifier= verifierCode;
    getAccessToken.consumerKey = CONSUMER_KEY;
    **OAuthCredentialsResponse accessTokenResponse = getAccessToken.execute(); // Always get signature_invalid error here!!!!!!!!!**

    // Build OAuthParameters in order to use them while accessing the resource
    OAuthParameters oauthParameters = new OAuthParameters();
    signer.tokenSharedSecret = accessTokenResponse.tokenSecret;
    oauthParameters.signer = signer;
    oauthParameters.consumerKey = CONSUMER_KEY;
    oauthParameters.token = accessTokenResponse.token;
    oauthParameters.verifier = verifierCode;

    // Use OAuthParameters to access the desired Resource URL
    HttpRequestFactory requestFactory = new NetHttpTransport().createRequestFactory(oauthParameters);
    GenericUrl genericUrl = new GenericUrl("https://www.googleapis.com/appsmarket/v2/upgradableApp/ListingID/ChromeWebstoreItemId/domain");
    HttpResponse response = requestFactory.buildPutRequest(genericUrl, null).execute();
    System.out.println(response.parseAsString());

谷歌的错误是:

  

com.google.api.client.http.HttpResponseException:400错误请求   signature_invalid   base_string:GET&安培; HTTPS%3A%2F%2Fwww.google.com%2Faccounts%2FOAuthGetAccessToken&安培; oauth_consumer_key%3Dxxxxxxxxx.apps.googleusercontent.com%26oauth_nonce%3D27f03753d137a12b%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1408872174%26oauth_token%3D4%25XXXXXXXXXXXXXXXXXXXXXXXX% 26oauth_verifier%3DXXXXXXXXXXXXXXXXXX

2 个答案:

答案 0 :(得分:0)

最终我发现了问题,当获取访问令牌时,我忘了从“获取请求令牌”响应中向签名者添加令牌秘密。添加令牌密钥后,我可以成功获得访问令牌。我希望这个问题和答案可以帮助像我这样的人与oauth v1挣扎。

我现在停留在执行可升级API的最后一步。它总是返回401未经授权的错误。将继续努力。

答案 1 :(得分:0)

可升级的API已成功执行。它总是返回401未授权的问题是,没有必要在签名者中添加令牌秘密,也不需要在oauth params中添加验证者。

相关问题
最新问题