Question

我正在尝试通过Google的OAuth进行身份验证，但我在建立与API的连接时遇到了问题

我的客户代码：

'click #addChannel': function (event) {
    event.preventDefault();

    var userId = Meteor.userId();
    var options = {
      requestPermissions: [
        'https://www.googleapis.com/auth/youtube',
        'https://www.googleapis.com/auth/userinfo.email',
        'https://www.googleapis.com/auth/youtube.force-ssl',
        'https://www.googleapis.com/auth/youtube.readonly',
        'https://www.googleapis.com/auth/youtube.upload',
        'https://www.googleapis.com/auth/youtubepartner',
        'https://www.googleapis.com/auth/youtubepartner-channel-audit',
      ],
      requestOfflineToken: true
    };

    Google.requestCredential(options, function(token) {
      Meteor.call('userAddOauthCredentials', userId, token, function(error, result) {
        if (error) {
          throw error;
        }
        console.log(result);
      });

    });

我的服务器代码：

userAddOauthCredentials: function(userId, token) {
    check(userId, String);
    check(token, String);

    var config = ServiceConfiguration.configurations.findOne({service: 'google'});
    if (!config) {
      throw new ServiceConfiguration.ConfigError();
    }

    console.log(token, config);

    var endpoint = 'https://accounts.google.com/o/oauth2/token';
    var params   = {
      code: token,
      client_id: config.clientId,
      client_secret: OAuth.openSecret(config.secret),
      redirect_uri: OAuth._redirectUri('google', config),
      grant_type: 'authorization_code',
    };

    try { <------------------------------------------------------ this fails
      response = HTTP.post(endpoint, { params: params });
    } catch (err) {
      throw _.extend(new Error("(first) Failed to complete OAuth handshake with Google. " + err.message),
                     {response: err.response});
    }

    if (response.data.error) { // if the http response was a json object with an error attribute
      throw new Error("(second) Failed to complete OAuth handshake with Google. " + response.data);
    } else {
      return {
        accessToken: response.data.access_token,
        refreshToken: response.data.refresh_token,
        expiresIn: response.data.expires_in,
        idToken: response.data.id_token
      };
    }

以上引发了[400] { "error" : "invalid_grant" }错误。

上面的大部分代码都来自meteor accounts-google软件包如何登录用户（在我的应用程序中工作正常）。链接到：

https://github.com/meteor/meteor/blob/87e3c6499d5eacce62f10faefe9ce49c77bb03ee/packages/google/google_server.js

有关如何从这里开始的任何建议吗？

非常感谢

UPDATE1：

我在日志中收到这些警告

W20150318-09:11:42.532(1) (oauth_server.js:71) Unable to base64 decode state from OAuth query: undefined
W20150318-09:11:42.532(1) (oauth_server.js:71) Unable to base64 decode state from OAuth query: undefined
W20150318-09:11:42.533(1) (oauth_server.js:71) Unable to base64 decode state from OAuth query: undefined
W20150318-09:11:42.534(1) (oauth_server.js:398) Error in OAuth Server: Match error: Expected string, got undefined

Answer 1

您必须将 var params 解析为 application / x-www-form-urlencoded 。请在 php

中找到以下代码进行解析

   $fields_string="";
    foreach($params as $key=>$value) 
    { 
         $fields_string .= $key.'='.$value.'&';
    }
    rtrim($fields_string, '&');

现在$ filed_string将包含params数组的解析。

invalid_grant Google OAuth

1 个答案: