我正在使用Google+进行登录,我总是正确地收到令牌,但当我想用这个令牌向"https://www.googleapis.com/plus/v1/people/me"通过卷曲。我总是得到同样的错误。
代码android进行登录:
// Scope to get the token with the user information
public static final String SCOPE_GOOGLE_USER_INFORMATION = "https://www.googleapis.com/auth/userinfo.profile";
public static final String SCOPE_GOOGLE_PLUS_ME = "https://www.googleapis.com/auth/plus.me";
public static final String SCOPE_GOOGLE_PLUS_LOGIN = "https://www.googleapis.com/auth/plus.login";
public static final String SCOPE_GOOGLE_PLUS_EMAIL = "https://www.googleapis.com/auth/userinfo.email";
public static final String SCOPE = "oauth2:" + SCOPE_GOOGLE_USER_INFORMATION + " " + SCOPE_GOOGLE_PLUS_ME + " " + SCOPE_GOOGLE_PLUS_LOGIN + " " + SCOPE_GOOGLE_PLUS_EMAIL;
String token = GoogleAuthUtil.getToken(activity, userEmail, SCOPE);
然后我提出卷曲请求:
curl -H "Authorization: Bearer TOKEN" https://www.googleapis.com/plus/v1/people/me?key={KEY}
我总是收到同样的错误:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "authError",
"message": "Invalid Credentials",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Invalid Credentials"
}
}
但是如果我通过https://developers.google.com/oauthplayground/工作
密钥和访问令牌必须来自同一个项目。您可以通过将访问令牌插入到以下位置来检查其项目编号:https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=
也删除plus.me作用域,这是不需要的。电子邮件和配置文件范围可以分别替换为字符串"电子邮件"one_answers"配置文件"(否https://wwww.googleapis.com等等)。plus.login是合理的,但如果你只是获得基本的概要文件,你就不需要它——概要文件范围会从plus API中为你提供。