为什么此访问令牌立即无效?
[英]Why is this access token invalid instantly?
问题描述
Scenario: 
场景:
Created a Google+ Sign-On button for the user to log in. This works.
创建了一个Google+登录按钮供用户登录。 Saved the access token and printed it out on the index/home page to make sure an access token actually exists.
保存访问令牌并将其打印在索引/主页上,以确保访问令牌确实存在。 This works. 这可行。 Attempt to use that same token to authorize the user account (mine in this case) to make AUTHORIZED calls to the Google APIs.
尝试使用相同的令牌来授权用户帐户(在这种情况下为我的帐户)以对Google API进行授权调用。 This keeps responding with "invalid_token". 这将始终以“ invalid_token”进行响应。
So, why is the token invalid for the GET request made almost immediately after I save and print out the access token to the page? 那么,为什么在我保存并打印访问令牌到页面后,令牌几乎立即对GET请求无效? Am I calling the wrong URI or providing the wrong parameters? 我是在调用错误的URI还是提供错误的参数? The access token was JUST created but the response I get below is what I see, which includes the Status Code, ReasonPhrase, RequestMessage, Headers, and Content: 只是创建了访问令牌,但是我在下面看到的是我看到的响应,其中包括状态代码,ReasonPhrase,RequestMessage,标头和内容:
Google Response: Unauthorized - Unauthorized - Method: GET, RequestUri: ' https://www.googleapis.com/consumersurveys/v2/surveys?key= {MY_API_KEY}', Version: 1.1, Content: , Headers: { Accept: application/json Authorization: Bearer abcdefghijklmnopqrstuvqxyz123456789 } - Vary: X-Origin, Origin, Accept-Encoding X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; Google响应:未经授权-未经授权-方法:GET,RequestUri:“ https://www.googleapis.com/consumersurveys/v2/surveys?key= {MY_API_KEY}”,版本:1.1,内容:,标题:{接受:应用程序/ json授权:Bearer abcdefghijklmnopqrstuvqxyz123456789}-变化:X来源,来源,接受编码X内容类型选项:nosniff X框架选项:SAMEORIGIN X-XSS保护:1; mode=block Alternate-Protocol: 443:quic Alt-Svc: quic=":443"; mode = block备用协议:443:quic Alt-Svc:quic =“:443”; ma=2592000; ma = 2592000; v="36,35,34,33,32,31,30,29,28,27,26,25" Transfer-Encoding: chunked Accept-Ranges: none Cache-Control: max-age=0, private Date: Fri, 15 Jul 2016 18:10:37 GMT Server: GSE WWW-Authenticate: Bearer realm="https://accounts.google.com/", error=invalid_token - System.Net.Http.StreamContent v =“ 36,35,34,33,32,31,30,29,28,27,26,25”传输编码:分块接受范围:无高速缓存控制:max-age = 0,私有日期: 2016年7月15日星期五,格林尼治标准时间(GMT)服务器:GSE WWW-Authenticate:Bearer realm =“ https://accounts.google.com/”,error = invalid_token-System.Net.Http.StreamContent
Google Access Token printed on page: abcdefghijklmnopqrstuvqxyz123456789 在页面上打印的Google Access令牌:abcdefghijklmnopqrstuvqxyz123456789
All I am simply trying to do is make authorized calls to Google APIs and in order to do that I have to make a GET request and specify my API KEY, and provide an access token (which matches the printed token) but when I do this it says invalid_token and unauthorized. 我只是想做的就是对Google API进行授权调用,为此,我必须发出GET请求并指定我的API KEY,并提供访问令牌(与打印令牌匹配),但是当我这样做时它说invalid_token和未经授权。 Why does it keep saying this? 为什么一直这样说呢?
This question is an extension of my other question: GET call to a Google API responds with "Unauthorized" 此问题是我其他问题的扩展: 对Google API的GET调用返回“未经授权”
1 个解决方案
解决方案1
0 已采纳 2016-07-16 16:24:12
I believe the issue is that the access token (which I verified through Postman) required more scopes to authenticate me fully, which makes sense since this API contains surveys that I am trying to access, which are also linked to a Google account. 我认为问题在于访问令牌(我通过Postman验证了)需要更多范围才能完全认证我,这是有道理的,因为此API包含我尝试访问的调查,这些调查也已链接到Google帐户。
More info on adding scopes to C# code can be found here: http://www.oauthforaspnet.com/providers/google/ 有关在C#代码中添加范围的更多信息,请参见: http : //www.oauthforaspnet.com/providers/google/
This is also answered here: Why do only OAuth 2.0 Playground access tokens work for Google API? 还在这里回答: 为什么只有OAuth 2.0 Playground访问令牌才能用于Google API?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.