使用谷歌oauth2游乐场:https ://developers.google.com/oauthplayground/关注:https://developers.google.com/accounts/docs/OAuth2WebServer#offline
为什么我收到无效请求?
POST /o/oauth2/token HTTP/1.1
Host: accounts.google.com
Content-length: 209
Content-type: application/x-www-form-urlencoded
Authorization: OAuth ya29.XXXXXXXX
client_id=XXXXXXXXX&
client_secret=XXXXXXXXX&
refresh_token=1/0ffkj5lggn8XXXXXXXXX&
grant_type=refresh_token
HTTP/1.1 400 Bad Request
Content-length: 33
X-xss-protection: 1; mode=block
X-content-type-options: nosniff
X-google-cache-control: remote-fetch
-content-encoding: gzip
Server: GSE
Reason: Bad Request
Via: HTTP/1.1 GWA
Pragma: no-cache
Cache-control: no-cache, no-store, max-age=0, must-revalidate
Date: Thu, 11 Oct 2012 21:29:55 GMT
X-frame-options: SAMEORIGIN
Content-type: application/json
Expires: Fri, 01 Jan 1990 00:00:00 GMT
{
"error" : "invalid_request"
}
如果您收到 400 是因为您添加了无效参数或缺少参数。
编辑:
我相信从给定的数据来看,有一个额外的标题授权。仅当在 header 中传递 access_token 时,才会在 oauth2 中使用它,以进行经过身份验证的调用
Authorization : Bearer XXXXXXXXXXXXXXXX
刷新 access_token 时,无需在标头中提供相同内容。
https://developers.google.com/accounts/docs/OAuth2InstalledApp#refresh
| 归档时间: |
|
| 查看次数: |
2379 次 |
| 最近记录: |