我正在使用Google+登录并始终正确地收到了令牌,但是当我想通过卷曲向此“https://www.googleapis.com/plus/v1/people/me”发出请求时。我总是得到同样的错误。
代码android进行登录:
// Scope to get the token with the user information
public static final String SCOPE_GOOGLE_USER_INFORMATION = "https://www.googleapis.com/auth/userinfo.profile";
public static final String SCOPE_GOOGLE_PLUS_ME = "https://www.googleapis.com/auth/plus.me";
public static final String SCOPE_GOOGLE_PLUS_LOGIN = "https://www.googleapis.com/auth/plus.login";
public static final String SCOPE_GOOGLE_PLUS_EMAIL = "https://www.googleapis.com/auth/userinfo.email";
public static final String SCOPE = "oauth2:" + SCOPE_GOOGLE_USER_INFORMATION + " " + SCOPE_GOOGLE_PLUS_ME + " " + SCOPE_GOOGLE_PLUS_LOGIN + " " + SCOPE_GOOGLE_PLUS_EMAIL;
String token = GoogleAuthUtil.getToken(activity, userEmail, SCOPE);
然后我发出卷曲请求:
curl -H "Authorization: Bearer TOKEN" https://www.googleapis.com/plus/v1/people/me?key={KEY}
我总是收到同样的错误:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "authError",
"message": "Invalid Credentials",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Invalid Credentials"
}
}
答案 0 :(得分:1)
您的密钥和访问令牌必须来自同一个项目。您可以通过将访问令牌插入到https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=
来检查访问令牌的项目编号删除plus.me范围,这是不需要的。电子邮件和个人资料范围可分别替换为字符串“email”和“profile”(无https://wwww.googleapis.com等)。 plus.login是合理的,但如果您只是获得基本配置文件,则不需要它 - 配置文件范围将从plus API中获取。