为什么在此Google Oauth2 openid令牌的有效负载中未返回用户名?

时间:2019-07-08 13:32:40

标签: oauth-2.0 google-api google-openid

对OAuth2端点的请求: https://accounts.google.com/o/oauth2/auth

返回电子邮件和其他信息(请参见下文),但不返回用户名 在响应中可以看到,在请求范围内提供了“ userinfo.profile”。该请求已被接受,因为我收到了正确的令牌。

为什么有效载荷中不包含使用名称?

{
    "id_token": {
        "header": {
            "alg": "RS256",
            "kid": "...",
            "typ": "JWT"
        },
        "payload": {
            "iss": "accounts.google.com",
            "azp": "...",
            "aud": "...",
            "sub": "...",
            "email": "an-email@gmail.com",
            "email_verified": "true",
            "at_hash": "hpUxcCnG-3lHPSBOb1vw-A",
            "nonce": "...",
            "iat": "...",
            "exp": "..."
        },
        "signature": "j..."
    },
    "access_token": "...",
    "raw": {
        "access_token": "...",
        "expires_in": "3600",
        "scope": "openid https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile",
        "token_type": "Bearer",
        "id_token": "..."
    }
}

0 个答案:

没有答案