我在SO中搜索了很多,浏览了许多关于相同错误的问题,应用了他们提出的任何建议,但没有任何结果。
我正在学习如何调用谷歌API(说谷歌日历API)。我正在通过谷歌开发人员教程从https://developers.google.com/identity/protocols/OAuth2ServiceAccount
所以我在google中创建了一个服务帐户,创建了凭据(我想从我自己的应用程序调用google API)。然后,我创建JWT,用google共享的私钥签名JWT,并进行REST POST调用以获得oAuth。这是我的代码
public class TestGoogleAPI {
public static void main(String[] args) throws Exception{
String header = "{"alg":"RS256","typ":"JWT"}";
long time = Calendar.getInstance().getTimeInMillis()/1000;
String claimSet = "{"iss":"xxxxxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com"," +
""scope":"https://www.googleapis.com/auth/calendar"," +
""aud":"https://www.googleapis.com/oauth2/v3/token"," +
""exp":"+ (time+3600) +"," +
""iat":" + time +"}";
String base64Header = new String(Base64.encodeBase64(header.getBytes()),"UTF-8");
String base64ClaimSet = new String(Base64.encodeBase64(claimSet.getBytes()),"UTF-8");
String input = base64Header + "." + base64ClaimSet;
File f = new File("D:/downloads/privatekey.txt");
FileInputStream fis = new FileInputStream(f);
DataInputStream dis = new DataInputStream(fis);
byte[] keyBytes = new byte[(int)f.length()];
dis.readFully(keyBytes);
dis.close();
byte[] key = Base64.decodeBase64(keyBytes);
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(key);
KeyFactory kf = KeyFactory.getInstance("RSA");
PrivateKey privatekey = kf.generatePrivate(spec);
Signature signature = Signature.getInstance("SHA256withRSA");
signature.initSign(privatekey);
signature.update(input.getBytes());
String base64Sign = new String(Base64.encodeBase64(signature.sign()),"UTF-8");
doHttpPost("https://www.googleapis.com/oauth2/v3/token", input + "." + base64Sign);
}
public static void doHttpPost(String urlStr, String assertion) throws Exception{
URL url = new URL(urlStr);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setDoOutput(true);
conn.setDoInput(true);
conn.setUseCaches(false);
conn.setAllowUserInteraction(false);
conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
OutputStream out = conn.getOutputStream();
Writer writer = new OutputStreamWriter(out, "UTF-8");
writer.write("grant_type");
writer.write("=");
writer.write(URLEncoder.encode("urn:ietf:params:oauth:grant-type:jwt-bearer", "UTF-8"));
writer.write("&");
writer.write("assertion");
writer.write("=");
writer.write(URLEncoder.encode(assertion, "UTF-8"));
writer.close();
out.close();
if (conn.getResponseCode() != 200) {
System.out.println(conn.getResponseMessage());
}
BufferedReader rd = new BufferedReader(new InputStreamReader(conn.getInputStream()));
StringBuilder sb = new StringBuilder();
String line;
while ((line = rd.readLine()) != null) {
sb.append(line);
}
rd.close();
conn.disconnect();
System.out.println(sb.toString());
}
}
我收到了400(错误的请求)。我尝试了同样的"Chrome的高级休息客户端",但结果是一样的,无效的grant_type(坏请求)。
{
error: "invalid_grant"
error_description: "Bad Request"
}
我在这里错过了什么吗?请帮帮我
谢谢
最后我得到了分辨率。当我编码头和声明集时,我正在做base64编码,而不是base64safeURL编码。更换
后Base64.encodeBase64(some_data);
Base64.encodeBase64URLSafe(some_data);
在上述代码中出现时,一切正常。我正在获得访问令牌,并能够击中谷歌API与oAuth令牌