OAuth:发送访问令牌和获取用户数据

Question

我正在尝试使用Google OAuth.我正在开发在IBM webSphere服务器上运行的Web应用程序.应用程序的框架是SpringMVC.

我想获取userinfo.profile.我已成功获取访问令牌,但无法找到使用此令牌并获取用户信息的方法.

我正在将浏览器重定向到此URL https://www.googleapis.com/oauth2/v2/userinfo?access_token="+access.getAccessToken();但收到错误

{
 "error": {
  "errors": [
   {
    "domain": "global",
    "reason": "authError",
    "message": "Invalid Credentials",
    "locationType": "header",
    "location": "Authorization"
   }
  ],
  "code": 401,
  "message": "Invalid Credentials"
 }
}

我是否正确使用此访问令牌,还是应该以其他形式发送请求？

我以这种方式发送请求:

GenericUrl shortenEndpoint = new GenericUrl("https://www.googleapis.com/oauth2/v2/userinfo");
HttpRequest request1 = rf.buildGetRequest(shortenEndpoint);
GoogleHeaders headers = new GoogleHeaders();
headers.setContentType("application/json; charset=UTF-8");
headers.setAuthorization("OAuth " + accessToken); 
request1.setHeaders(headers);
HttpResponse shortUrl = request1.execute();

在浏览器中的此URL中提供访问令牌后

https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=******

我有

{
 "issued_to": "*****************",
 "audience": "*****************",
 "scope": "https://www.googleapis.com/auth/urlshortener",
 "expires_in": 3515,
 "access_type": "online"
}

Answer 1

查看tokeninfo响应,发出令牌的范围与您尝试访问的API之间存在不匹配.您似乎拥有https://www.googleapis.com/auth/urlshortener范围的访问令牌.如果您要使用userinfo API,则应获取https://www.googleapis.com/auth/userinfo.profile和https://www.googleapis.com/auth/userinfo.email范围的令牌.