我正在尝试实施Google server to server authentication using oAuth 为此我根据提到的步骤生成凭据,谷歌给了我json文件以下详细信息
// this is sample data not real data
{
"type": "service_account",
"project_id": "myapp",
"private_key_id": "17af28d89ef88g59e9c44a51csf00f894c23",
"private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCYTyEAeQxHUP66[OTHER TEXT REMOVED]n-----END PRIVATE KEY-----\n",
"client_email": "someemailname@projectname.iam.gserviceaccount.com",
"client_id": "3246344567234535",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/meshpresentations%40meshslides.iam.gserviceaccount.com"
}
我在jwt.io中使用了“private_key”,如下图所示,但显示“无效签名”,是因为只有提供私钥(google)的服务器才能验证它是否是有效令牌?如果是这样的话,当我发起卷曲调用时,我会收到另一个错误。
{
“error”: “invalid_grant”,
“error_description”: “Invalid JWT: Token must be a short-lived token and in a reasonable timeframe”
}
我缺少什么?我甚至不确定我是否错误地制作了JWT令牌或者是否存在其他问题。 PS:我是学习者。
