OAuth 2.0 authorization flow for a Spring Boot web application

Problem description

I am using the Java client library for web-application authentication. I generate the authorization URL with the client secret and client ID, and I have also configured a redirect URL in the Google API Console, but I don't know whether it is necessary to create this server to receive the refresh token. I mean, in production, should I provide a separate server to receive the refresh token (the redirect URL points to this server)? The main problem is that the user has to paste the generated URL into the browser themselves, but I want to open the browser automatically. The second problem is about receiving the refresh token: I am not sure whether to create another server to receive the refresh code. I cannot use a service account; I have to do the web-flow authentication.

    // Requires: com.google.auth.oauth2.ClientId, com.google.auth.oauth2.UserAuthorizer, java.net.URI
    // SCOPES is a List<String> of the Google API scopes being requested.
    UserAuthorizer userAuthorizer =
            UserAuthorizer.newBuilder()
                    .setClientId(ClientId.of(clientId, clientSecret))
                    .setScopes(SCOPES)
                    .setCallbackUri(URI.create(OAUTH2_CALLBACK_URL_CONFIGURED_AT_GOOGLE_CONSOLE))
                    .build();
    // The loopback server was opened on port 0, so ask it which port it actually got.
    baseUri = URI.create("http://localhost:" + simpleCallbackServer.getLocalPort());
    System.out.printf(
            "Paste this url in your browser:%n%s%n",
            userAuthorizer.getAuthorizationUrl(loginEmailAddressHint, state, baseUri));

This is the local server that receives the refresh token:

    // Requires: java.io.IOException, java.net.ServerSocket, java.net.Socket
    private static class SimpleCallbackServer extends ServerSocket {

        private AuthorizationResponse authorizationResponse;

        SimpleCallbackServer() throws IOException {
            // Passes a port # of zero so that a port will be automatically allocated.
            super(0);
        }

        /**
         * Blocks until a connection is made to this server. After this method completes, the
         * authorizationResponse of this server will be set, provided the request line is in the
         * expected format.
         */
        @Override
        public Socket accept() throws IOException {
            Socket socket = super.accept();
            // The request line of this connection is parsed into authorizationResponse
            // (code / state / error) before the socket is handed back to the caller.
            return socket;
        }
    }

Solution

For those who are struggling to get authorized with Google OAuth 2.0 via Spring Boot: you can redirect the user to the authorization URL (provided by the Google authorization server using your client ID and client secret) with a controller:

    // Requires: org.springframework.http.{HttpHeaders, HttpStatus, ResponseEntity},
    // org.springframework.web.bind.annotation.GetMapping, java.net.{URI, URISyntaxException}
    @GetMapping(value = "/redirect-user")
    public ResponseEntity<Object> redirectToExternalUrl() throws URISyntaxException {
        String url = gs.createUserAuthorizationUrl();
        URI authorizationUrl = new URI(url);
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.setLocation(authorizationUrl);
        // 302 to Google's consent page
        return new ResponseEntity<>(httpHeaders, HttpStatus.FOUND);
    }

In the service layer, the createUserAuthorizationUrl() method looks like this:

    public String createUserAuthorizationUrl() {
        clientId = "client-id";
        clientSecret = "client-secret-code";

        userAuthorizer =
                UserAuthorizer.newBuilder()
                        .setClientId(ClientId.of(clientId, clientSecret))
                        .setScopes(SCOPES)
                        // relative path; resolved against baseUri below
                        .setCallbackUri(URI.create("/oauth2callback"))
                        .build();
        // giving redirect url: scheme, host and port exactly as registered in the Google console
        baseUri = URI.create("your-app-redirect-url-configured-at-google-console" + "your-spring-boot-server-port");

        String redirectURL = userAuthorizer.getAuthorizationUrl(loginEmailAddressHint, state, baseUri).toString();
        return redirectURL;
    }

Let's create a controller to handle the GET request that the Google authorization server sends with the code. We will use that code to obtain an access token from Google. I get the state and the code via @RequestParam; I also want to redirect the user to my application.

    @GetMapping(value = "/oauth2callback")
    public ResponseEntity<Object> proceedToServer(@RequestParam String state, @RequestParam String code) throws URISyntaxException {
        String url = "my-application-url-to-redirect-user";
        URI dashboardURL = new URI(url);
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.setLocation(dashboardURL);
        // exchange the one-time authorization code for tokens
        gs.getCode(state, code);
        return new ResponseEntity<>(httpHeaders, HttpStatus.FOUND);
    }

In the service layer's getCode(code) method, I send the code and receive the refresh token or access token:

    // getCredentialsFromCode takes the base URI as a java.net.URI, not a String
    UserCredentials userCredentials = userAuthorizer.getCredentialsFromCode(
            code,
            URI.create("your-app-redirect-url-configured-at-google-console" + "your-spring-boot-server-port"));
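Below is an added, end-to-end version of the flow the answer describes (redirect endpoint, callback endpoint, code exchange with `UserAuthorizer`), written for this page; it is not code from the original post or from the google-auth-library project. It adds the piece the answer's callback leaves out: a random `state` value stored in the HTTP session before the redirect and checked (constant-time, one-time use) when Google calls back, which is what prevents an attacker from injecting their own authorization code into a victim's session (login CSRF). The package name, `BASE_URI`, the scope, the `/dashboard` target and reading the client ID and secret from environment variables are assumptions; `javax.servlet` is the Spring Boot 2 namespace (Spring Boot 3 uses `jakarta.servlet`).

```java
package example.oauth; // hypothetical package name

import java.io.IOException;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.List;

import javax.servlet.http.HttpSession;

import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import com.google.auth.oauth2.ClientId;
import com.google.auth.oauth2.UserAuthorizer;
import com.google.auth.oauth2.UserCredentials;

@RestController
public class GoogleOAuthController {

    private static final String STATE_SESSION_KEY = "oauth2.state";
    private static final String REFRESH_TOKEN_SESSION_KEY = "google.refreshToken";

    // Assumptions: secrets come from the environment; base URI must match the
    // redirect URI registered in the Google console (scheme, host and port).
    private static final String CLIENT_ID = System.getenv("GOOGLE_CLIENT_ID");
    private static final String CLIENT_SECRET = System.getenv("GOOGLE_CLIENT_SECRET");
    private static final URI BASE_URI = URI.create("https://app.example.com");
    private static final List<String> SCOPES =
            List.of("https://www.googleapis.com/auth/userinfo.email"); // hypothetical scope

    private final SecureRandom random = new SecureRandom();
    private final UserAuthorizer authorizer = UserAuthorizer.newBuilder()
            .setClientId(ClientId.of(CLIENT_ID, CLIENT_SECRET))
            .setScopes(SCOPES)
            .setCallbackUri(URI.create("/oauth2callback")) // resolved against BASE_URI
            .build();

    /** Step 1: mint a state value, remember it in the session, send the user to Google. */
    @GetMapping("/redirect-user")
    public ResponseEntity<Void> redirectUser(HttpSession session) {
        byte[] raw = new byte[32];
        random.nextBytes(raw);
        String state = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        session.setAttribute(STATE_SESSION_KEY, state);

        // null login hint: let the user pick the Google account
        URI authUrl = URI.create(authorizer.getAuthorizationUrl(null, state, BASE_URI).toString());
        HttpHeaders headers = new HttpHeaders();
        headers.setLocation(authUrl);
        return new ResponseEntity<>(headers, HttpStatus.FOUND);
    }

    /** Step 2: Google redirects back here with ?state=...&code=... (or ?error=...). */
    @GetMapping("/oauth2callback")
    public ResponseEntity<String> callback(
            @RequestParam(required = false) String state,
            @RequestParam(required = false) String code,
            @RequestParam(required = false) String error,
            HttpSession session) throws IOException {
        String expected = (String) session.getAttribute(STATE_SESSION_KEY);
        session.removeAttribute(STATE_SESSION_KEY); // one-time use, even if the check fails

        if (expected == null || state == null || !constantTimeEquals(expected, state)) {
            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("invalid or missing state");
        }
        if (error != null || code == null) {
            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("authorization failed: " + error);
        }

        // Exchange the one-time code for tokens; the redirect_uri sent here must equal
        // the one used in step 1, so the same BASE_URI is passed again.
        UserCredentials creds = authorizer.getCredentialsFromCode(code, BASE_URI);

        // Keep the refresh token server-side, keyed by the logged-in user; never return it
        // to the browser. The session is used here only as a stand-in for real storage.
        session.setAttribute(REFRESH_TOKEN_SESSION_KEY, creds.getRefreshToken());

        HttpHeaders headers = new HttpHeaders();
        headers.setLocation(URI.create("/dashboard")); // hypothetical post-login page
        return new ResponseEntity<>(headers, HttpStatus.FOUND);
    }

    /** Compare the two state strings without leaking their length-prefix mismatch timing. */
    static boolean constantTimeEquals(String a, String b) {
        return MessageDigest.isEqual(
                a.getBytes(StandardCharsets.UTF_8), b.getBytes(StandardCharsets.UTF_8));
    }
}
```

`UserAuthorizer.getAuthorizationUrl` requests offline access, so the `UserCredentials` returned by `getCredentialsFromCode` carries the refresh token; one server handles both the redirect and the callback, so there is no need for a separate token-receiving server as long as the callback path is reachable at the redirect URI registered with Google.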