我正在尝试使用OAuth 2.0从Google获取用户信息(个人资料,电子邮件)。
但是“令牌信息端点”没有返回个人资料信息,即使我将“个人资料”设置为范围。
我按照Google登录iOS的说明进行操作。 (https://developers.google.com/identity/sign-in/ios/backend-auth)
我无法弄清楚为什么这个终点不会像我预期的那样返回个人资料信息。
首先我通过oauth2.0获取令牌(作为测试,我使用Rails获得令牌)
def gmail
require 'oauth2'
client = OAuth2::Client.new(
'Client-id',
'client-secret',
{
site: 'https://accounts.google.com/',
authorize_url: 'o/oauth2/auth',
}
)
redirect_to client.auth_code.authorize_url(
redirect_uri: 'http://localhost:3000/google_signup',
scope: 'email profile',
)
end
token = client.auth_code.get_token(
params[:code],
redirect_uri: 'http://localhost:3000/gmail_signup',
我从此令牌获得id_token。
然后,将GET请求发送到“令牌信息端点”。
"https://www.googleapis.com/oauth2/v3/tokeninfo?id_token=id_token"
但响应不包含个人资料信息。
{
"azp": "azp",
"aud": "aud",
"sub": "sub",
"email": "email@gmail.com",
"email_verified": "true",
"at_hash": "at_hash",
"exp": "TIMESTAMP",
"iss": "accounts.google.com",
"iat": "iat",
"alg": "alg",
"kid": "kid"
}
响应应该是这样的。
{
// These six fields are included in all Google ID Tokens.
"iss": "https://accounts.google.com",
"sub": "110169484474386276334",
"azp": "1008719970978-hb24n2dstb40o45d4feuo2ukqmcc6381.apps.googleusercontent.com",
"aud": "1008719970978-hb24n2dstb40o45d4feuo2ukqmcc6381.apps.googleusercontent.com",
"iat": "1433978353",
"exp": "1433981953",
// These seven fields are only included when the user has granted the "profile" and
// "email" OAuth scopes to the application.
"email": "testuser@gmail.com",
"email_verified": "true",
"name" : "Test User",
"picture": "https://lh4.googleusercontent.com/-kYgzyAWpZzJ/ABCDEFGHI/AAAJKLMNOP/tIXL9Ir44LE/s99-c/photo.jpg",
"given_name": "Test",
"family_name": "User",
"locale": "en"
}