个人中心
gpt4 book ai didi

java - Spring : Google authentication redirect_uri_mismatch and URL wont open on browser

转载 作者:塔克拉玛干 更新时间:2023-11-03 04:29:58 25 4
gpt4 key购买 nike

我正在开发一个在 tomcat 上运行的 Spring-MVC 应用程序,我想在其中使用 Google 驱动器功能。我尝试在本地机器上使用服务帐户,没有遇到任何问题。但是当我在服务器上上传代码时,浏览器 URL 不会被打开。然后我想,我不应该使用服务帐户,我应该使用普通的网络应用程序帐户。现在,当我这样做时,我得到了 redirect_uri_mismatch。

我不明白一件事,我在流程中设置重定向 URL,在 JSON 中,到底为什么要使用随机端口号获取 redirect_url。如果我更改浏览器 URL 中的端口号,它就可以正常工作。但仍然在服务器上它不会打开浏览器 url,我可以在 tomcat 日志中看到它,但该死的东西不会打开 URL。

这是我在 Google 应用中的重定向 URL:

http://localhost/authorizeuser
http://localhost:8080/
http://localhost:8080
http://localhost
http://localhost:8080/Callback
https://testserver.net/Callback
http://testserver.net/Callback
http://127.0.0.1

这是我的 client_secret.json :

{"web": {
    "client_id": "clientid",
    "auth_uri": "https://accounts.google.com/o/oauth2/auth",
    "token_uri": "https://accounts.google.com/o/oauth2/token",
    "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
    "client_email": "clientemailstuff",
    "client_x509_cert_url": "certurlstuff",
    "client_secret": "itsasecret",
    "redirect_uris": ["http://localhost:8080/","http://localhost:8080"],
    "javascript_origins": ["https://testserver.net", "http://testserver.net","http://localhost:8080"]
}}

这是我尝试进行身份验证的代码:

 @Override
    public Credential authorize() throws IOException {
        InputStream in =
                DriveQuickstartImpl.class.getResourceAsStream("/client_secret.json");
        GoogleClientSecrets clientSecrets =
                GoogleClientSecrets.load(JSON_FACTORY, new InputStreamReader(in));

        GoogleAuthorizationCodeFlow flow =
                new GoogleAuthorizationCodeFlow.Builder(
                        HTTP_TRANSPORT, JSON_FACTORY, clientSecrets, SCOPES)
                        .setDataStoreFactory(DATA_STORE_FACTORY)
                        .setAccessType("offline")
                        .build();
        flow.newAuthorizationUrl().setState("xyz").setRedirectUri("http://localhost:8080/Callback");
        Credential credential = new AuthorizationCodeInstalledApp(
                flow, new LocalServerReceiver()).authorize("user");

        if(credential!=null && credential.getRefreshToken() != null){
            storeCredentials(credential);
        }
        return credential;
    }

这让我很生气,因为我正在设置重定向 url,它只是被忽略了,为什么在服务器上部署应用程序时浏览器选项卡不会打开。

更新Spring 问题也已修复,以下代码可用于在具有 tomcat 或其他服务器的服务器上进行 GoogleDrive 授权。 

@Service
@Transactional
public class GoogleAuthorization{


    @Autowired
    private DriveQuickstart driveQuickstart;

    private static final String APPLICATION_NAME ="APPNAME";

    private static final java.io.File DATA_STORE_DIR = new java.io.File(
            "/home/deploy/store");

    private static FileDataStoreFactory DATA_STORE_FACTORY;

    private static final JsonFactory JSON_FACTORY =
            JacksonFactory.getDefaultInstance();

    private static HttpTransport HTTP_TRANSPORT;

    private static final List<String> SCOPES =
            Arrays.asList(DriveScopes.DRIVE);

    private static final String clientid = "clientid";
    private static final String clientsecret = "clientsecret";

    private static final String CALLBACK_URI = "http://localhost:8080/getgooglelogin";

    private String stateToken;

    private final GoogleAuthorizationCodeFlow flow;

    public GoogleAuthorization(){
        try {
            HTTP_TRANSPORT = GoogleNetHttpTransport.newTrustedTransport();
            DATA_STORE_FACTORY = new FileDataStoreFactory(DATA_STORE_DIR);

        } catch (GeneralSecurityException | IOException e) {
            e.printStackTrace();
        }

        flow = new GoogleAuthorizationCodeFlow.Builder(HTTP_TRANSPORT,
                JSON_FACTORY, clientid, clientsecret, SCOPES).setAccessType("offline").setApprovalPrompt("force").build();
        generateStateToken();

    }



    /**
     * Builds a login URL based on client ID, secret, callback URI, and scope
     */
    public String buildLoginUrl() {

        final GoogleAuthorizationCodeRequestUrl url = flow.newAuthorizationUrl();

        return url.setRedirectUri(CALLBACK_URI).setState(stateToken).build();
    }

    /**
     * Generates a secure state token
     */
    private void generateStateToken(){
        SecureRandom sr1 = new SecureRandom();
        stateToken = "google;"+sr1.nextInt();
    }

    /**s
     * Accessor for state token
     */
    public String getStateToken(){
        return stateToken;
    }

    /**
     * Expects an Authentication Code, and makes an authenticated request for the user's profile information
     * * @param authCode authentication code provided by google
     */
    public void saveCredentials(final String authCode) throws IOException {

        GoogleTokenResponse response = flow.newTokenRequest(authCode).setRedirectUri(CALLBACK_URI).execute();
        Credential credential = flow.createAndStoreCredential(response, null);
        System.out.println(" Credential access token is "+credential.getAccessToken());
        System.out.println("Credential refresh token is "+credential.getRefreshToken());
// The line below gives me a NPE.
        this.driveQuickstart.storeCredentials(credential);
    }
}

Controller 方法:

  @RequestMapping(value = "/getgooglelogin")
    public String getGoogleLogin(HttpServletRequest request, HttpServletResponse response, HttpSession session,Model model) {
// Below guy should be autowired if you want to use Spring. 
        GoogleAuthorization helper = new GoogleAuthorization();

        if (request.getParameter("code") == null
                || request.getParameter("state") == null) {

            model.addAttribute("URL", helper.buildLoginUrl());
            session.setAttribute("state", helper.getStateToken());

        } else if (request.getParameter("code") != null && request.getParameter("state") != null && request.getParameter("state").equals(session.getAttribute("state"))) {
            session.removeAttribute("state");

            try {
                helper.saveCredentials(request.getParameter("code"));
                return "redirect:/dashboard";
            } catch (IOException e) {
                e.printStackTrace();
            }
        }
        return "newjsp";
    }

newjsp 只是有一个点击 URL 的按钮。

最佳答案

具体来说,您将获得随机端口,因为您使用的是 LocalServerReceiver ,这starts up a jetty instance on a free port以获得授权码。

在更高层次上,您似乎正在开发 web server application ,但您正在尝试使用 Google OAuth,就好像它是一个 installed application .如果您确实在制作 Web 服务器应用程序,您应该在回调 URL 中使用服务器的主机名而不是本地主机,为最终用户提供一个链接以使用 flow.newAuthorizationUrl() 进行身份验证。 ,并让您的回调使用 flow.newTokenRequest(String) 获取 token .还要确保您在 console 中创建的客户端 ID是 Web 应用程序类型,否则您将 get redirect_uri_mismatch errors .可以找到如何执行此操作的完整工作示例 here .

关于java - Spring : Google authentication redirect_uri_mismatch and URL wont open on browser,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/31133757/

25 4 0
文章推荐: java - Java编译中错误的意外顺序
文章推荐: Javascript 计数排序实现
文章推荐: javascript - 寻找魔术索引的二进制搜索
文章推荐: java - 在 Hibernate 4.3.4 中覆盖 @Where 子句条件
塔克拉玛干
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com