为什么我不能使用此卷曲获取Google OAuth 2.0授权码?

时间:2016-05-09 20:59:43

标签: curl oauth-2.0 google-api google-oauth2

我正在尝试使用直接curl调用获取Google OAuth 2.0授权代码(而不是使用Google的库)。

我发出以下卷曲代码:

$ curl \
--verbose \
--request POST \
--data "client_id=56-fake-client-id-bgn2.apps.googleusercontent.com&\
redirect_uri=http://localhost/etc&\
response_type=code&\
scope=https://www.googleapis.com/auth/plus.me" \
"https://accounts.google.com/o/oauth2/auth"

但它不起作用。我不知道为什么。有人可以告诉我这里做错了吗?

* Hostname was NOT found in DNS cache
*   Trying 172.217.1.205...
* Connected to accounts.google.com (172.217.1.205) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
* Server certificate: accounts.google.com
* Server certificate: Google Internet Authority G2
* Server certificate: GeoTrust Global CA
> POST /o/oauth2/auth HTTP/1.1
> User-Agent: curl/7.37.1
> Host: accounts.google.com
> Accept: */*
> Content-Length: 181
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 181 out of 181 bytes
< HTTP/1.1 302 Moved Temporarily
< Content-Type: application/binary
< Location: https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://accounts.google.com/o/oauth2/auth?scope%3Dhttps://www.googleapis.com/auth/plus.me%26response_type%3Dcode%26redirect_uri%3Dhttp://localhost/etc%26client_id%3D565495208508-0kse36pmatmiseu0saegnaijuijibgn2.apps.googleusercontent.com%26from_login%3D1%26as%3D-10d3bff9fcffa578&oauth=1&sarp=1&scc=1
< P3P: CP="This is not a P3P policy! See https://support.google.com/accounts/answer/151657?hl=en for more info."
< Content-Language: en-US
< Transfer-Encoding: chunked
< Date: Mon, 09 May 2016 20:56:21 GMT
< Expires: Mon, 09 May 2016 20:56:21 GMT
< Cache-Control: private, max-age=0
< X-Content-Type-Options: nosniff
< X-Frame-Options: SAMEORIGIN
< X-XSS-Protection: 1; mode=block
* Server GSE is not blacklisted
< Server: GSE
< Set-Cookie: NID=79=cZ2k-0TbWB7EvcbpeTGp8RNsghjbiBx1lR3XvhuYsG8BprYsSszbOGUS2ACLt2Vaoj6MmOBb_PBJl-InreVy1Qhw_jhSPTUEns3hANp15_HU8l4CsPiChL-FTXwPI0mu;Domain=.google.com;Path=/;Expires=Tue, 08-Nov-2016 20:56:21 GMT;HttpOnly
< Alternate-Protocol: 443:quic
< Alt-Svc: quic=":443"; ma=2592000; v="33,32,31,30,29,28,27,26,25"
<
* Connection #0 to host accounts.google.com left intact

1 个答案:

答案 0 :(得分:0)

授权代码授权类型旨在通过浏览器使用,您无法从命令行模仿它。您可以使用其他授权类型并提供已签名的JWT来验证您的客户,请参阅:https://developers.google.com/identity/protocols/OAuth2ServiceAccount

相关问题
最新问题